"
againwetryagain wrote:
"
addiaboli wrote:
"
patlefort3 wrote:
I wouldn't advise anyone that doesn't understand Windows in depth to use that program. People will freak out over nothing.
In your screenshot, it seem to me that PoE is searching for D3DREF9.DLL in all the folders defined in your PATH environment variable, which is normal when an executable wants to use a DLL.
So we need someone who can analyze it or check PoE exe's in IDA etc.
You'll have trouble running PoE's Client.exe in a debugger, quite possibly might get banned since it now tries to register itself as a debugger on itself. I won't mention some other steps because at this point I'm somewhat surprised I haven't already been banned.
Easiest thing to do is to use google and search for hacking websites that mention the game. Specifically, look for the patch number. If you find one of the ones I did, you may be able to read their forums and see at least some of their screenshots of debugger dumps as well as listings of diffs and other telltale signs.
As far as I can tell so far, no one knows exactly what all the client is doing. Perhaps this weekend when some of the top hackers involved have time off work enough to dig in. There is a list of Windows API calls that were added, including those to walk Window's active process list and, most recently, some to read the process images. Exactly what they are doing with that information, how much is being sent back to the servers, how often the code is being run, what triggers it, what is dormant and awaiting activation from server or future patches, all unknown at this time.
For the record, I am not personally involved in reverse engineering any GGG software, in point of fact, I no longer have any GGG software installed on this computer.
At this point, there is at least enough evidence surfacing out there that if you desired, you could likely enlist the aid of a 'white hat' security consultant in further examination of the game software.
My 2c worth.
You probably think they would ban you because you probably are a hacker.
And why is everyone so afraid of GGG all of a sudden? Its not like they dont do anything all your other software isnt already doing.
|
Posted byDeletedon Jan 16, 2015, 9:35:48 AM
|
"
DirkAustin wrote:
You probably think they would ban you because you probably are a hacker.
And why is everyone so afraid of GGG all of a sudden? Its not like they dont do anything all your other software isnt already doing.
I haven't done any serious reverse engineering aka hacking since the late 1980's, I think I may be banned because I doubt they really want me to keep posting, lol.
Why afraid of GGG? Because they have installed, at the very least, the capacity to spy on all my other software and information stored on this computer, into their game. They also did this in secret. Not very trustworthy behavior.
So you think all other software is doing the same? Actually it depends on what software you have installed, what your security settings are, and what your internet habits are. In my case, nope, GGG's software was the only software installed on my system capable of violating my trust. Now of course, being that I'm running Windows, a certain degree of trust in Microsoft is implied. However there are enough watchdogs on them that I'm not concerned about it. Same goes for my browser. I certainly wouldn't have to rely upon accidentally catching wind of a controversy brewing on reddit somewhere and through further investigation finding out the details.
There, I may not like you, I may think you are a troll, but I've done my best to be polite and answer your questions. Now screw off.
My 2c worth.
|
|
"
againwetryagain wrote:
"
DirkAustin wrote:
You probably think they would ban you because you probably are a hacker.
And why is everyone so afraid of GGG all of a sudden? Its not like they dont do anything all your other software isnt already doing.
I haven't done any serious reverse engineering aka hacking since the late 1980's, I think I may be banned because I doubt they really want me to keep posting, lol.
Why afraid of GGG? Because they have installed, at the very least, the capacity to spy on all my other software and information stored on this computer, into their game. They also did this in secret. Not very trustworthy behavior.
So you think all other software is doing the same? Actually it depends on what software you have installed, what your security settings are, and what your internet habits are. In my case, nope, GGG's software was the only software installed on my system capable of violating my trust. Now of course, being that I'm running Windows, a certain degree of trust in Microsoft is implied. However there are enough watchdogs on them that I'm not concerned about it. Same goes for my browser. I certainly wouldn't have to rely upon accidentally catching wind of a controversy brewing on reddit somewhere and through further investigation finding out the details.
There, I may not like you, I may think you are a troll, but I've done my best to be polite and answer your questions. Now screw off.
My 2c worth.
Wow, strong paranoia there. Ban your for posting, really?
And how do you even know that GGG spies on all other software you have? Im sure they dont do that, why would they. They dont want to see some guys porn collection or some illegally downloaded games. All GGG cares about is POE and software interfering with it.
|
Posted byDeletedon Jan 16, 2015, 10:06:37 AM
|
|
Umm.. each time I read DirkAustin post i need to stop myself from stabbing my eyes O_o
You are sure of everything yet you have no proof or idea of what you are talking about and each and every post is the same shit.
You wanna win some "GGG Defender" badge or something like that ?
Like a goddamn religious fanatic..
|
|
"
DirkAustin wrote:
And how do you even know that GGG spies on all other software you have? Im sure they dont do that, why would they. They dont want to see some guys porn collection or some illegally downloaded games. All GGG cares about is POE and software interfering with it.
Well... i am a noob concerning all technical details, but i study business, so i know that there is a lot of money in data mining. Grabbing every information you can get, organaize them and there will be some buyer. So at least i could answer your WHY question xD
What i cant answer is if they actually doing it. I quickly ran a AVG check and it told me that the POE-Client is fine. No idea if thats naiv or not xD
|
Posted bymaulepan#7391on Jan 16, 2015, 10:23:22 AM
|
"
DirkAustin wrote:
And how do you even know that GGG spies on all other software you have? Im sure they dont do that, why would they. They dont want to see some guys porn collection or some illegally downloaded games. All GGG cares about is POE and software interfering with it.
I know because I have read the reverse engineered source code added in their latest two patches that walks the active process list and extracts information. That is, it examines each and every process running on your computer at the same time the game is running. As to what it does with the information, that is less clear. It is entirely plausible that they are sending some of it back to the server, now whether that is in the form of a just names, checksums, or something more given that a call is also made to CreateToolhelp32Snapshot under circumstances. It is a bit puzzling because there is also code that explicitly opens processes and reads the memory belonging to that process from the first patch and the snapshot capability was then added in this latest patch.
Neither you nor I, nor anyone else not directly connected with GGG (and perhaps not even then) know exactly what information GGG intends to extract nor what they plan on doing with it. You may give them the benefit of the doubt, but I do not, especially given the way they snuck this code in. I also don't trust them to get it right, I mean, they're reinventing Warden and Punkbuster in a completely braindead attempt to stop cheaters and botters supposedly. However, any sane person with knowledge of computer security knows this is a doomed effort, witness the repeated failures of the giants in the game industry. They are outnumbered and outgunned, they have no reasonable hope, heck the latest security features in Windows itself are against them. They had to know this going in, so why did they do it? What other possible reason would they have to put, at the very least, the capability to turn their game into spyware on people's computers?
I don't know the answer, and I don't trust their silence.
My 2c anyhow.
|
|
"
maulepan wrote:
"
DirkAustin wrote:
And how do you even know that GGG spies on all other software you have? Im sure they dont do that, why would they. They dont want to see some guys porn collection or some illegally downloaded games. All GGG cares about is POE and software interfering with it.
Well... i am a noob concerning all technical details, but i study business, so i know that there is a lot of money in data mining. Grabbing every information you can get, organaize them and there will be some buyer. So at least i could answer your WHY question xD
What i cant answer is if they actually doing it. I quickly ran a AVG check and it told me that the POE-Client is fine. No idea if thats naiv or not xD
Its silly to run a perfectly fine exe file as it is.^^
Did you really think the POE client which runs the game would show up as spyware/virus/trojan kind of thing?
|
Posted byDeletedon Jan 16, 2015, 10:27:14 AM
|
|
yeah R-E-L-A-X guys GGG is just data mining players in order to sell the data for money to help pay for desync fix :^)
For all your up-to-date Path of Exile news and events, check out the official Path of Exile Forum here -------- http://www.reddit.com/r/pathofexile/
|
Posted bycomm_il_vec#0994on Jan 16, 2015, 10:27:27 AM
|
"
againwetryagain wrote:
"
DirkAustin wrote:
And how do you even know that GGG spies on all other software you have? Im sure they dont do that, why would they. They dont want to see some guys porn collection or some illegally downloaded games. All GGG cares about is POE and software interfering with it.
I know because I have read the reverse engineered source code added in their latest two patches that walks the active process list and extracts information. That is, it examines each and every process running on your computer at the same time the game is running. As to what it does with the information, that is less clear. It is entirely plausible that they are sending some of it back to the server, now whether that is in the form of a just names, checksums, or something more given that a call is also made to CreateToolhelp32Snapshot under circumstances. It is a bit puzzling because there is also code that explicitly opens processes and reads the memory belonging to that process from the first patch and the snapshot capability was then added in this latest patch.
Neither you nor I, nor anyone else not directly connected with GGG (and perhaps not even then) know exactly what information GGG intends to extract nor what they plan on doing with it. You may give them the benefit of the doubt, but I do not, especially given the way they snuck this code in. I also don't trust them to get it right, I mean, they're reinventing Warden and Punkbuster in a completely braindead attempt to stop cheaters and botters supposedly. However, any sane person with knowledge of computer security knows this is a doomed effort, witness the repeated failures of the giants in the game industry. They are outnumbered and outgunned, they have no reasonable hope, heck the latest security features in Windows itself are against them. They had to know this going in, so why did they do it? What other possible reason would they have to put, at the very least, the capability to turn their game into spyware on people's computers?
I don't know the answer, and I don't trust their silence.
My 2c anyhow.
They dont extract anything, they just detect the program you run when the game runs and stuff that interferes with the game, nothing more. Its just pure paranoia to think otherwise.
|
Posted byDeletedon Jan 16, 2015, 10:28:45 AM
|
"
DirkAustin wrote:
"
maulepan wrote:
"
DirkAustin wrote:
And how do you even know that GGG spies on all other software you have? Im sure they dont do that, why would they. They dont want to see some guys porn collection or some illegally downloaded games. All GGG cares about is POE and software interfering with it.
Well... i am a noob concerning all technical details, but i study business, so i know that there is a lot of money in data mining. Grabbing every information you can get, organaize them and there will be some buyer. So at least i could answer your WHY question xD
What i cant answer is if they actually doing it. I quickly ran a AVG check and it told me that the POE-Client is fine. No idea if thats naiv or not xD
Its silly to run a perfectly fine exe file as it is.^^
Did you really think the POE client which runs the game would show up as spyware/virus/trojan kind of thing?
Yes. I expect my AVG to warn me, if some programm read's processes it is not involved in.
Thats my definition of a spyware... please tell me if i am wrong.
Last edited by maulepan#7391 on Jan 16, 2015, 10:30:01 AM
|
Posted bymaulepan#7391on Jan 16, 2015, 10:29:23 AM
|
