Ubisoft Caught Installing Exploitable DRM Plug-in on Users' Machines
July 30, 2012 11:44 AM
comment(s) - last by
Assasin's Creed installs dangerous software -- can we say "class action lawsuit"?
Google, Inc. (
) engineer Tavis Ormandy has created a world of woe for French
software giant Ubisoft
Entertainment S.A. (
) after he
that the company was endangering customers by installing dangerous software that opened a back-door to their machines.
Ubisoft is well known for its
franchises, as well as a number of Tom Clancy titles (e.g. the
series). But according to Mr. Ormandy, Ubisoft's recent software comes with a dangerous attachment -- a browser plugin designed to support the company's secured Uplay service.
The browser plug-in acts as an accidental Trojan, allows arbitrary code execution via the opened "door" inside the affected browser. Ubisoft uses the plugin to check if the installed title is valid, allowing gamers access to online play and achievements. But according to Mr. Ormandy hackers could also exploit the open door in escalation of privileges attacks on the users' machine.
Hundreds of thousands of PC gamers are believed to be affected.
Ubisoft Uplay browser plugin allowed unauthorized acceess to users' machines.
[Image Source: Geek.com]
Affected titles include 5
games, as well as popular titles such as
Driver: San Francisco
. Mr. Ormandy first observed the exploitable plug-in while installing
Assassin's Creed: Revelations
The exploitable plug-in came with installs of Assassin's Creed titles. [Image Source: IGN]
Ubisoft had already upset customers with its DRM scheme, as many complained that they had legitimately purchased titles, but were being locked out of gameplay when their machines were offline. Ubisoft defended this policy.
Now it may be forced to defend itself in court against class action lawsuits for endangering its loyal customers.
The incident is eerily reminiscent to the rootkit discovered on Sony Corp. (
) music CDs several years ago. Sony was
subsequently sued and forced into an apology/settlement
for recklessly endangering its users.
As the plug-in does not mask its presence, in its current form it is closer to an exploitable plug-in aka. an accidental Trojan than a rootkit by definition, hence the text was changed to correct this.
This article is over a month old, voting and posting comments is disabled
RE: DRM should be illegal
7/31/2012 4:11:39 AM
Who is to put the value on what a creation is worth? Who is to say how much money someone should make from a certain creation before you deem that they have fully recouped their costs and have been fully and fairly compensated for the time/effort of creation? Do they release their song/game/movie/painting/book/etc. for say 6 months or 1 year and gather whatever revenue they can, then after that it becomes public domain? Who decides this? Some government body?
You make it sound like you'd prefer it if all creatives only got paid hourly for their work and that's it. (That's essentially what happens for the most part as the company that they work for, not the creatives themselves, usually gets all the earnings ad infinitum.)
No other industry works like this.
What are you talking about? Nearly every industry works like this. Just about everything that involves any sort of R&D works EXACTLY like this. You pay scientists, chemists, engineers, etc. to develop ideas which are evolved over time from product to product, generation to generation. Do you think it would even be possible to have the technology we have if they had to just start from the ground up every time they wanted to develop something? The only part you really HAVE to do over and over again is the manual labor of manufacturing and distribution and the parts themselves. You're looking this from purely labor perspective. Without the architecht, the pyramid workers would simply be moving stone around without reason.
Not everyone in the world is creative. And believe me, having been in the field, it can VERY taxing, frustrating, and all consuming 24/7. Its not easy. Your point of view devalues those people who create the art and ideas and breakthroughs and puts all the value only on the ones directly executing those ideas.
The chance for for potentially unlimited reward is the driving force beind most of the world's creative people who sacrifice everything over and over again in the hopes of "making it". Most will never achieve anything close to fantastic success, but a world without that possibility sounds horribly dismal. It reminds me of the movie Hudsucker Proxy.
"We are going to continue to work with them to make sure they understand the reality of the Internet. A lot of these people don't have Ph.Ds, and they don't have a degree in computer science." -- RIM co-CEO Michael Lazaridis
"Call of Juarez: The Cartel" Angers Critics, May be Banned in Mexico
February 22, 2011, 10:01 AM
Assassin's Creed II Stabs Its Way to Success With 1.6 Million Units Sold
November 26, 2009, 9:00 AM
The EFF Wants You to Know About Sony BMG Settlement
March 13, 2006, 2:17 AM
"World's Smallest Chess Code" is a Cheating Novice (But Still Kind of Lovable)
January 28, 2015, 2:24 PM
Microsoft's Windows 10 Now Has "Over 2 Million" Public Testers
January 28, 2015, 9:25 AM
Quick Note: With Windows 10, the Windows Source Hits Build 10,000
January 20, 2015, 2:05 PM
Microsoft Kills "Mainstream Support" Windows 7
January 13, 2015, 1:01 PM
Windows 10's "Spartan" IE11 Variant Will Get Firefox/Chrome-Like Extensions
December 30, 2014, 1:30 PM
Cortana, Xbox App, OneDrive Apps/Settings Backup Added to Windows 10 Build
December 15, 2014, 3:43 PM
Most Popular Articles
Under the Hood: How DirectX 11.3 and 12 Will Supercharge Windows 10 Gaming
January 23, 2015, 12:34 PM
2016 Cadillac CTS-V Packs 640 hp Punch with 200 mph Reach
January 23, 2015, 3:25 PM
Google Fixes Homophobic "Bug" in its Translator
January 27, 2015, 2:31 PM
Microsoft Shows Off Latest Windows 10 Build, Preps it for Next Week Release
January 21, 2015, 2:57 PM
Microsoft to Close Nokia Store, May Lose Over a Hundred Thousand Apps
January 26, 2015, 11:15 AM
Latest Blog Posts
Sceptre Airs 27", 120 Hz. 1080p Monitor/HDTV w/ 5 ms Response Time for $220
Dec 3, 2014, 10:32 PM
Costco Gives Employees Thanksgiving Off; Wal-Mart Leads "Black Thursday" Charge
Oct 29, 2014, 9:57 PM
"Bear Selfies" Fad Could Turn Deadly, Warn Nevada Wildlife Officials
Oct 28, 2014, 12:00 PM
The Surface Mini That Was Never Released Gets "Hands On" Treatment
Sep 26, 2014, 8:22 AM
ISIS Imposes Ban on Teaching Evolution in Iraq
Sep 17, 2014, 5:22 PM
More Blog Posts
Copyright 2015 DailyTech LLC. -
Terms, Conditions & Privacy Information