Blizzard and the hackers

It seems that Blizzard’s World Of Warcraft (WoW) has very serious issues with account theft. Why would it be interesting to steal a game account? Of course, not to play on behalf of the robbed gamer, but to steal his/her virtual belongings. There is a black market where you can purchase artifacts and gimmicks, and it is done with REAL money. (This is different from gold farming, where somebody looks after your character on your behalf: you pay the farmer to increase the level of your character.)

The hackers use the usual toolbox, such as keyloggers or phishing. And of course, it works. Once your account is stolen, you have two choices: either you wait for Blizzard to restore your virtual belongings from backups (unfortunately, there is a queue of several days, a hard task for addicts), or you accept a standard care package.

Blizzard already offers a solution to gamers: the authenticator token, by a company named Vasco, that serves to log into your account. It is similar to the usual RSA ID token used for business VPNs. Of course, this makes the theft more difficult. The use of this token is not yet mandatory!

We see that online games are becoming interesting targets for professional hackers. There is (a lot of) money at stake. Security of games will need to leapfrog.

For more information, check wow.com

Gold farming

Tuesday, October 6, 2009

Gold farming is one of the worst plagues of online games. Gold farming is the generic name for techniques used to generate real money from services or sales of virtual goods in metaverses and online games such as World Of Warcraft (WoW).

An example of such a service is eastern players who foster a player’s character in order to increase its experience. This allows the character to grow even when its actual “owner” is not connected.

For most online games, the rules of conduct do ban these practices. Nevertheless, a very active ecosystem has grown around these games.

Why is gold farming forbidden? Several reasons:

  • Some people worry about the possibility of using it for money laundering.
  • Some countries are nervous about the importance of an unregulated virtual currency that would compete with real currency. This is the case, for instance, for China.
  • It is unfair to players. It is considered a form of cheating. If you can purchase a valuable artifact for real money, you twist the game.
  • It consumes many resources. As an illustration, in June Eve Online cut off 2% of the accounts that were participating in gold farming. It resulted in a drop of 30% of the server resources. The automatic tools behind the accounts were no longer active.

Gold farming has a strong impact on the future of an online game. Too much gold farming may increase the feeling that the game is no longer fair (thus making it less attractive) and clog the servers (thus reducing the quality of the user experience). This may drastically reduce the profitability of the game. Thus, the game providers will fight it by all means.

Unfortunately, there is a lot of money at stake. Thus gold farmers will be creative to “survive”. Money is a strong incentive for piracy. Furthermore, I’m not sure that it is illegal (except as a violation of rules of conduct).

Behead The Prophet

Behead The Prophet is the name of an unofficial add-on to World Of Warcraft (WoW). This add-on creates helpers (NPC) that will automatically (once commanded) fulfill some tasks for the player (healing, casting spells, grinding …). It was presented at defcon17.

This is not the first time that such a tool is offered. The interesting part is that such bots are considered as cheating tools by Blizzard Entertainment (the company behind WoW). Using them is a violation of the Terms of Usage.

The design of such tools is driven by different motivations: greed spirit, winning spirit, and hacking (in the golden meaning) spirit.

Greed: Real money is exchanged in MMORPGs. A typical example is gold farming, where people will perform some tasks with your character on your behalf. China is becoming worried about gold farming. This is probably not so much about ethics; it is mainly economic. These practices give more value to virtual money (that no State controls) and offer pathways for money laundering.

Winning: Some people want to succeed (with or without ethics). Their avatar will be like that, but they will most probably seek any virtual artifact that may give an advantage. Then, if they have access to a tool that may change the odds…

Hacking spirit: This is a new frontier. It is a marvelous playground for programmers to test scripts, automation tools, … It is also a fight against the machine. This is rather similar to the homebrew community for game consoles such as the Wii or PS3.

Regardless of copyright issues, is Blizzard right to fight such unauthorized add-ons? Yes. Many of the players enjoy struggling in these worlds because they have a fair chance to succeed. Everybody plays by the same rules. If there were many cheaters, this assumption would be wrong. Increasing cheating would reduce the attractiveness of the game, thus meaning loss of players, thus loss of money.

Nevertheless, finding a solution to channel the creativity of the developers’ community could be worthwhile: for instance, through dedicated servers or contests. This would most probably generate nice advances for Blizzard to integrate in newer versions.

Sims 3 leaked out


The long-awaited Sims 3 was expected to launch officially worldwide on 2nd June. Electronic Arts, following the outcry against DRM within Spore, decided to stay with its usual disc activation without online authentication.

It seems that this gesture of good will was not sufficient. The game is already available on P2P networks. It leaked at the beginning of this week. The version seems to work (at least according to the comments) and is delivered with the crack. Three versions seem to be available. The 5.6Gb Iso file already has more than 3.000 seeders. No doubt that it will be a success in the download top ten.

After the leak of “Wolverine”, it is the turn of EA. Unfortunately, this is a final version. Will that impact the sales? It is certain that aficionados have awaited this game for a very long time. It became even worse when EA announced a multi-month delay. For sure, eagerness to get their hands on the game asap will push people to download it. How many of them will turn back to the official version once available?

The game industry has the same issue as the movie industry with leaks before release. Finding efficient solutions is probably more difficult for games. Date enforcement and traitor tracing should be interesting topics to investigate.

Let’s wait until the 2nd July to see the impact. By the way, the comments of downloaders are extremely positive on the game itself. :-)

DRM and games

I have often described the ruckus generated by DRM for games (see Game and DRM or Spore and the DRM fury). Yesterday, I had a discussion with some French game editors. Their position was rather negative. According to them, game protections are too weak today. The result is that patches to defeat the protections are soon available on P2P. The paradoxical outcome is that honest customers who purchased games suffer from the constraints imposed by the game protection (for instance, checking the presence of a physical disc in the drive…) whereas dishonest users have the game without the constraints.

Using game theory (see the DRM game), the winning strategy would be to steal the game! Thus, to change the winning strategy, there seem to be two possible solutions:

  • Make more robust DRM
  • Make DRM that are transparent to the customers but not to the dishonest users

Currently, I do not see this trend.

DSi Hacked?

It was not long. Yves was right. In November, I announced that Nintendo DSi was running with linkers/flash cards or whatever name. Yves prophesied that it would not take long.

Yesterday, Acekard announced that it had cracked the DSi and will soon release a new product, Acekard 2i. Acekard posted a 7-minute video on YouTube to demonstrate that it works. And it seems to work. Two weeks ago, Acekard already posted a video with its first advances. Nevertheless, they announced “This is a lab work, it works ONLY in LAB. Even though we can go this far, it is almost impossible to make a commercial product. There is a major problem that can’t be resolved, at least for now.” It seems they solved the problems.

DSi is already a commercial success for Nintendo. They already sold more than 500,000 consoles! Being the first, if proven that it works, will also be a commercial success for Acekard. Now we will see who will be the next ones. In any case, Acekard seems to have proven that it was feasible.

Once more, law 1 was true.

Game and DRM

Grand Theft Auto IV will be protected by SecuRom. The fury starts again. It seems to be a shame that a game is protected by a DRM. 2008 will be the year when things changed:
– For many years, games were protected by anti-copy systems. Nobody was seriously complaining. You found hacked versions of the games. Some ripping software (for instance Alcohol 120) even provided tools to bypass the protections (physically, or in virtual drives).
– SecuRom, LaserLock, … were not called DRMs. They were called game protection systems.

And nobody complained! Gamers were happy. In my editorial of security newsletter #3, I even highlighted this difference between game protection and DRM.

And suddenly, the world changes. Game protection becomes DRM (although using the same tricks and limitations). Game protections become unacceptable for users. The first fury was Spore. GTA IV will be the next one. Nevertheless, I am sure that GTA IV will be a blockbuster even with “DRM”.

What has changed? Media focus? Does anybody have a good explanation to propose?