I usually only blog about security or Sci-Fi. Nevertheless, I will blog about an entirely unrelated topic as I believe we have reached an important milestone. Artificial Intelligence (AI) is around for many decades with various successes. For several years, AI, through machine learning, has made tremendous progress with some deployed fascinating products or services. For instance, Google Photo has leap-frogged the exploitation of databases of images. It can automatically detect pictures featuring the same person over decades! Some friends told me that it even differentiated natural twins.
Nevertheless, I always believed that go game was out of the reach of AI. Go is a multi-millennial ancient game with extremely simple rules (indeed, only three rules). It is played on a go ban of 19 x 19 positions. Each player adds a stone (white or black) to create the largest territory. The game is extremely complex not only because of the number of possible combinations (it is said to be greater than the number of atoms in the universe) but also by the infinite possible strategies. It exceeds by several amplitudes the complexity of chess. A great game!!!
On January 27, 2016, Google made my belief wrong. For the first time, their software, AlphaGo, won five games to zero against a professional go player. AlphaGo was first trained with 30 million moves. Then, it has been self-reinforced by playing against itself thousands of times. The result is a software at the level of a professional go player. Evidently, AI passed a milestone.
Machine learning will smoothly invade security practices. Training software through logs to detect incidents will be a good starting point.
With the advent of the digital world, laundering money has been able to create new techniques. Two new trends: online gaming, and micro laundering.
Online gaming is not online gambling (which we may have thought about when speaking of illegal activities), it is the use role playing games (RPG) such as World Of Warcraft (WoW) to move money. Indeed many RPG provide the possibility to purchase or sell either virtual coins collected during the game play, or rare virtual artifacts. The trade can use real money. Blizzard recently announced that it will close Diablo III’s market place. A way to avoid this type of issues?
Micro laundering uses services such as PayPal or virtual credit cards and people that will transfer temporary through their accounts. Interestingly, I learned that some Nigerian scams were indeed semi-real. They look for people to transfer illegal money. The people accepting the transfer operation may be rewarded, but this person will be liable for money laundering!!
This activity is described in Jean Loup RICHET’s report “Laundering Money Online: a review of cybercriminals’ methods”. This report gives a high-level view of the new trends. Unfortunately, it misses serious figures, references and technical details. I do not know if there is a non-public version with more information.
If you look for a quick draft overview, it is a good start. Also, a good view on how inventive they can be.
J.-L. Richet, Laundering Money Online: a review of cybercriminals methods, 2013 available at http://arxiv.org/abs/1310.2368.
AVG’s Insight April issue focuses on game hacks. AVG is a Czech anti virus and security solution provider. Without surprise, it claims that 90% of game hacks are infected with malware.
Unfortunately, this assertion is not backed-up by factual data, at least AVG did not publish them.
AVG’s researchers analyzed scores of such hacks and cracks found through metasearch services such as FilesTube and FileCrop, and discovered that more than 90% of them contained some form of malware or malicious code.
To illustrate the issue, the document describes a real example using Diablo III. They downloaded a hack that generates items and gold. AVG anti virus immediately spotted a virus: ILCrypt.
Why should hackers attack gamers? In the paper, AVG focuses on threats related to gaming: theft of account, theft of virtual items and gold. For more details about these threats see Blizzard and the hackers or Gold farming. But malwares could also juts try to take control of the gamer’s computer. The threats are real.
What should we think about this publication? In my opinion, it is merely a piece of advertisement for installing anti virus packages. There are no real published, and the publication lacks consistency and also knowledge of the gaming world. For instance, AVG totally misses the world of mods. Mods are part of many games today. Some mods are fantastic add-ons to renowned games. Nevertheless, AVG’s concerns are valid.
Let’s remind their valid suggestions:
- Have the latest security products installed
- Do not download cracks, hacks, trainers or unofficial patches
- Do download patches only form the official game provider’s website
- Do vary your login details. Use different usernames and passwords for every game account, even for game forums.
On 7 October 2012, the population of the towns of Stormwind, Orgrimmar, Tarren Mill, Ragnaros, Draenor and Twisting Nether were wiped out in a few seconds. This made tens of thousands of dead people. Did you here about this carnage? If not, then you’re probably not a hard gamer.
These towns are in the virtual realms of World of Warcraft (WoW). This is the most deployed MMORPG with millions of players. Thus, those are virtual deaths. And the cause was a hack. It seems that a script allowed to launch an extremely powerful spell (Aura of God) that kills everybody around. The attack was claimed by Jadd.
Blizzard, the developer of WoW, quickly reacted, and hot-fixed the exploit within four hours. In an official statement, Blizzard announced that
It’s safe to continue playing and adventuring in major cities and elsewhere in Azeroth.
Usually attacks on games are more oriented towards either cheating and gaining more money. Jadd claims the exploit just for fun.
An old news, as it started in September. On 8 September 2012, Sendatsu published on the ownedcore a detailed study of the use of watermark within Blizzard’s World of Warcraft (WoW). According to him, it seems that WoW adds an “invisible” watermark to screenshots (at least with JPEG in lower quality). A capture of a screenshot without texture repeatedly produces a pattern similar to this one.
The watermark carries 88 bytes with the account ID, a time stamp and the IP address of the server. Clearly, it does not carry any personal information. It seems that this Digimarc based watermark was in use since 2007 (when screenshots were added).
The aim of this watermark seems obvious to me. There are many illegal WoW servers in the field. Of course, users playing WoW through these non-Blizzard servers do not pay the monthly subscription. This means a loss of revenue for Blizzard. Finding the IP address of such unauthorized servers is a good start to fight piracy back .
Strangely, nobody reported a similar case for other Blizzard MMORPGs such as Diablo III or StarCraft. Is it because nobody looked at, it yet? Or because there is no such watermark (less pirate servers)?
Update (30-oct-12): The allegation that it is a Digimarc solution seems wrong. Thus, currently no clue about the solution provider.
Last year, in November 2010, Microsoft’s Kinect was hacked and its API was illegally published. In an interesting move, Microsoft decided to make the API of Kinect public. Not only was it very positive for Microsoft reputation, but it opened the way to thousands of hobbyists to create astonishing applications using the Kinect.
Microsoft continues to exploit the results of this initial hack. It announced the Kinect Accelerator. This is a contest where ten startups with the best application using Kinect will be supported. The application does not need to use the XBox, it must use the Kinect gear. I believe that it is a smart initiative. It is better to have hobbyists on your side rather than against you.*
Law 2: Know the asset to protect. In that case, the most valuable asset was not the Kinect, it was Microsoft’s relationship with the customers.
Philip Reitinger, CISO of Sony, has announced that about 93,000 accounts on Sony’s systems have been compromised. They monitored a suspect massive set of trials of login/passwords. Most of them were unsuccessful, but about 93,000 succeeded. Most probably, the attackers get access to a database of plugin/passwords of another web site (such information is available on the Darknet).
Some people use the same login/password for different sites. These persons may be the victims of this attack.
We must congratulate Sony for its reaction:
- Transparency; they were clear on what happened, and provided the data. The reaction of customers was extremely positive
- Monitoring: this proves that Sony is carefully monitoring activities to detect strange behaviour or patterns. This is key in security.
- Customers are ready to hear the truth in case of attack. I would even guess that they would rather be aware than listen about it once it is far too late.
- Do not use the same password for all sites, at least not for the critical ones.