Game Studio Found To Install Malware DRM On Customers' Machines, Defends Itself, Then Apologizes

from the that-was-quick dept

The thin line that exists between entertainment industry DRM software and plain malware has been pointed out both recently and in the past. There are many layers to this onion, ranging from Sony's rootkit fiasco, to performance hits on machines thanks to DRM installed by video games, up to and including the insane idea that copyright holders ought to be able to use malware payloads to "hack back" against accused infringers.

What is different in more recent times is the public awareness regarding DRM, computer security, and an overall fear of malware. This is a natural kind of progression: as the public becomes more connected to and reliant on computer systems and the internet, it likewise becomes more concerned about those systems. That likely explains the swift public backlash to a small game-modding studio seemingly installing something akin to malware in every installation of its software, whether from a legitimate purchase or piracy.

FlightSimLabs, a studio that specialises in custom add-ons for other companies’ flight sims, has been found to be secretly installing a program onto users’ computers designed to check whether they’re playing a pirated copy of their software.

The code—basically a Chrome password dumping tool—was discovered by Reddit user crankyrecursion on February 18, and, as TorrentFreak report, was designed to trigger “a process through which the company stole usernames and passwords from users’ web browsers.”

Whatever fuzzy line might exist between DRM payloads and malware, this specific deployment appears to have crossed it in a very big way. The extraction of user names and passwords for infringers would be a step too far on its own, but the real problem is that the executable that does all of this was included in every copy of the software FlightSimLabs provided, including those from legit purchases.

Lefteris Kalamaras, who runs FlightSimLabs, admitted that a file named "test.exe" was included in the software installation, but insisted that it was only weaponized when a pirated copy of the software was detected.

First of all - there are no tools used to reveal any sensitive information of any customer who has legitimately purchased our products. We all realize that you put a lot of trust in our products and this would be contrary to what we believe.

If such a specific serial number is used by a pirate (a person who has illegally obtained our software) and the installer verifies this against the pirate serial numbers stored in our server database, it takes specific measures to alert us. “Test.exe” is part of the DRM and is only targeted against specific pirate copies of copyrighted software obtained illegally. That program is only extracted temporarily and is never under any circumstances used in legitimate copies of the product. The only reason why this file would be detected after the installation completes is only if it was used with a pirate serial number (not blacklisted numbers).

This attempt at an explanation failed to assuage the gaming community for understandable reasons. To include a program capable of extracting passwords in a flight simulator mod is flatly insane. The only proper description for such software would be malware, and that malware was installed on the machines of customers of FlightSimLabs that had properly paid for its products. The claim that this malware remained dormant for those purchasing the mods would be the same as claiming that each of our homes has been outfitted with bombs without our knowledge, but those bombs will only be activated if the home builder thinks we're doing something illegal. This is all wide open for mistakes, abuse, and for other bad actors to swoop in on these customers and make use of the software for nefarious reasons.

Shortly after Kalamaras' "explanation", FlightSimLabs updated the mods in question with the malware removed entirely. The company also updated its community with an apology that still somewhat misses the mark.

We have already replaced the installer in question and can only promise you that we will do everything in our power to rectify the issue with those who feel offended, as well as never use any such heavy-handed approach in the future. Once again, we humbly apologize!

This isn't about "feeling offended", it's about the company breaking the trust of its customers by installing what is clearly malware on their machines. That isn't the type of bad act a company should be able to come back from.

Filed Under: drm, flight sim, keylogger, malware
Companies: flightsimlabs


Reader Comments


  1. Anonymous Coward, 23 Feb 2018 @ 3:33am

    I give it 6 months until we get the Techdirt article about a studio installing a crypto currency miner on customers' computers as part of their DRM too.

  2. PaulT, 23 Feb 2018 @ 3:45am

    I was wondering if this would be covered here after seeing it elsewhere a few days back. A few thoughts raised in discussions there:

    - First, this is clearly illegal. No matter the motivation, they installed malware that has the express purpose of taking someone else's credentials. Furthermore, there's claims that they actually have used the logins obtained and posted screenshots as evidence in their forums. That's another law broken.

    - Second, the installer exists on every copy that was installed. While the devs claim it was never triggered, every copy contained malware that was distributed to users' machines.

    - Thirdly, while the devs claim it would never have been triggered on an innocent user's machine, they have acted so dishonestly that we cannot simply take their word. How do we know their information about "pirate serial numbers" was accurate? How do we know there wasn't the wrong number in the wrong database or wrongly flagged details? How do we know it couldn't be triggered by a reinstall, legitimate install on another machine, etc.? Even if they think their detection code was perfect (and no code is), there's room for error. That's one major reason I'm opposed to DRM - it inevitably affects innocent people.

    - Finally, even if they are correct that *they* never used the malware on innocent people, what about others? From what I understand, they actually told people to disable their anti virus products when installing this because they were (correctly) identifying the installer as malware. As well as the chance their own malware could be misused, they subjected their customers to a non-zero chance of being infected with others.

    Honestly, I hope they're prosecuted to the limits of the law. Which shouldn't be hard, since as I understand it they're headquartered in the EU, and we tend to have strict data protection laws. They have committed crimes and need to be punished. Whatever your opinion on piracy, committing further crimes and endangering your customer base is not the way to fight it.

  3. That Anonymous Coward, 23 Feb 2018 @ 3:54am

    "We have already replaced the installer in question and can only promise you that we will do everything in our power to rectify the issue with those who feel offended, as well as never use any such heavy-handed approach in the future. Once again, we humbly apologize!"

    Offended - such an odd word choice to use when you introduced malware onto your customers' computers.

    Offended would have covered you if you had put in a German bomber with Nazi insignia. You deliberately made your customers' computers less safe. You used your key to SIGN malware as being okay.

    This isn't an apology, this is an oh we got caught so we're gonna say sorry & move on.

    You destroyed your brand. You took all possible goodwill from paying customers & flushed it to nail some pirates. This is the same lesson we see companies missing over and over... you care more about pirates than if your paying customers are getting the best possible product... then are shocked that the numbers of pirates grow because the pirate product sucks way less.

    You signed malware.
    How do you expect a single customer to trust you ever again?
    How do you expect that no one is going to complain to all sorts of legal bodies about you knowingly & willingly disguising malware as trusted software & put it on the computers of paying customers?

    This isn't the oh an ad on our site did it... this was a thought out plan to punish a few that opened up your paying customer base to bad things. We thought he might steal an apple so we mixed in grenades painted red... but trust us they'll only go off if the bad guy touches them.

    You were most likely never going to see any money from people who pirated your product, and how much money did you just lose in refunds to 'offended' customers & future customers who enjoy the game but can't trust you moving forward?

    But hey you cut your nose off, I'm sure your face feels the spite.

  4. Anonymous Coward, 23 Feb 2018 @ 4:03am

    You would think that, but no

    "That isn't the type of bad act a company should be able to come back from."

    They'll do just fine. They'll offer a discount or some free add-ons, they'll obfuscate, they'll lie, they'll deny, they'll issue bogus apologies (just like this one), and in the end they'll survive. Or they'll just shut down, rename themselves, and re-open, then get right back to what they were doing.

    This is a textbook example of a company that gamers should immediately drive out of business. But they won't. Because ...repeat after me: gamers are stupid.

    Think I'm wrong? Okay. Let's wait and see. I'd be delighted to be proved wrong, and if I am, I'll post here and admit it. But I doubt I will be.

  5. PaulT, 23 Feb 2018 @ 4:09am

    Re: You would think that, but no

    Oh dear, yet another attack on gamers as if they're a hive mind and unique compared to consumers of other media. Hell, the types of people described here aren't even gamers in the standard sense and what they are buying is only a game in the most vague sense of the term.

    But, hey, you can attack other people rather than address any of the issues raised and feel smug about it so it's all good, right?

  6. Anonymous Coward, 23 Feb 2018 @ 4:13am

    Re:

    How do we know that a man with a subpoena and gag order has not demanded its use to open up a suspect's online accounts?

  7. Anonymous Coward, 23 Feb 2018 @ 4:17am

    Now I'm imagining a burglar, after clearing out someone's house, being all

    "I have already left the house in question and can only promise you that I will do everything in my power to rectify the issue with those who feel offended, as well as never use any such heavy-handed approach in the future. Once again, I humbly apologize!"

    While sitting on a pile of the family's stuff....

  8. PaulT, 23 Feb 2018 @ 4:26am

    Re: Re:

    We don't. That is also another problem with their "trust us" approach to their list of "pirate serial numbers". How do keys end up on the list?

  9. PaulT, 23 Feb 2018 @ 4:28am

    Re:

    To add to the analogy, he's also saying "what I did wasn't really illegal because I'm sure the guy who lives in that house was the guy who stole my car"

  10. Stephen T. Stone, 23 Feb 2018 @ 4:48am

    Re: You would think that, but no

    "gamers are stupid"

    Please present a better argument than this.

  11. Anonymous Coward, 23 Feb 2018 @ 4:48am

    IANAL but it seems pretty clear that there's at least one CFAA violation (if not more) a Federal DA's office can use to go after them. Considering FSL publicly confessed online what they were doing this should be an open and shut case.

    The feds went after A.S. for less, why shouldn't they go after FSL?

  12. Anonymous Coward, 23 Feb 2018 @ 5:29am

    Re: Re: You would think that, but no

    Let's wait and see what happens.

    If this company is driven out of business by gamers, then I'll acknowledge that I was wrong -- this time.

    But if this company survives (either in its current name/form, or after a dodge), then I was right -- again.

    But you should notice that the reason this company thought they could do this and get away with it is that they agree with me: they've watched the same things that I have, and they've realized that gamers are stupid. There's no way they would have tried this trick if they felt otherwise.

  13. Roger Strong, 23 Feb 2018 @ 5:40am

    Re: Re: You would think that, but no

    Declare himself a gamer?

  14. Roger Strong, 23 Feb 2018 @ 5:49am

    I've stripped DRM out of a game because that's what was necessary to play it.

    I've purchased a game and found the original shrink-wrap still inside the box. Apparently purchased, the serial number recorded, returned and re-shrink-wrapped.

    In both cases legitimately purchased. And in both cases they would be declared "pirated." These crooks would have used that to harvest my passwords and use them against me.

  15. Anonymous Coward, 23 Feb 2018 @ 5:49am

    Re:

    Don't you know that the law is only for the little people?

  16. Anonymous Coward, 23 Feb 2018 @ 6:01am

    Re: Re: Re: You would think that, but no

    You realize that it takes a lot to run a business into the ground, right? You're not just talking about punishing the company for this misdeed; you're going to have to exhaust whatever war chest full of resources they have. Probably through litigation, which in itself is unlikely to come to fruition, because who's going to fund that initiative? Gamers are not going to have that sort of disposable income; that shit's for corporations. And how much punishment do you expect to be levied out? This is shady behavior, I'll agree, but it's not Enron-level conspiracy that a judge would think merits cleaning the company out of house and home.

    In other words, that's a pretty bloody ridiculous set of criteria. Companies think they can get away with shit all the time regardless of what industry they're in. What will it take for you to not blame gamers for once, especially those who didn't buy or pirate the game to begin with? Have the company employees summarily executed and their corpses nuked from orbit? Is that the only way to make sure?

  17. David, 23 Feb 2018 @ 6:04am

    Isn't it time we see some jail time for those DRM-based blackhats?

    With all the law's infatuation with hacking laws and unauthorized access and whatnot, how about we see something like 5+ years of board member jail time for such criminal endeavours committed by companies against its customers?

  18. Roger Strong, 23 Feb 2018 @ 6:13am

    Re:

    I'm also curious about how they handle shared computers. How do they know that the passwords they steal and weaponize are from the same user who pirated their software?

  19. Anonymous Coward, 23 Feb 2018 @ 6:23am

    Re: Re: Re: You would think that, but no

    People are stupid ... ftfy

    People who play games are no different, as are people who fly kites - no different, they are all stupid ......

    But not you - amirite?

  20. Anonymous Coward, 23 Feb 2018 @ 6:26am

    "“Test.exe” is part of the DRM and is only targeted against specific pirate copies of copyrighted software obtained illegally. That program is only extracted temporarily and is never under any circumstances used in legitimate copies of the product."

    The problem with creating this sort of thing is that eventually, you're going to screw over legitimate customers with false positive detections, as inevitably happens with DRM systems. When will developers finally learn from their repeated mistakes?

  21. That Anonymous Coward, 23 Feb 2018 @ 6:33am

    Re: Re: You would think that, but no

    One does have to admit there is a history of game companies treating their customers like absolute crap & other than some outrage online they flock to buy the next big thing they offer.

  22. Anonymous Coward, 23 Feb 2018 @ 6:34am

    Re: Re:

    By the same method that copyright trolls know that the account holder is the infringer.

  23. Anonymous Coward, 23 Feb 2018 @ 6:37am

    Re:

    >When will developers finally learn from their repeated mistakes?

    Most of the push for DRM comes not from the developers, but rather from the senior management, because they are making sure that the company's investment is protected.

  24. PaulT, 23 Feb 2018 @ 6:49am

    Re: Re: Re: You would think that, but no

    Do you apply the same logic to TV watchers, music listeners, novel readers, toy collectors, car enthusiasts, comic collectors, radio listeners, etc., etc.? How they're all useless and idiots if they don't react in the same way you want them to when their respective industries pull these kinds of things? If not, you're just being a dick.

    Also, mainstream audiences are usually not aware of these things, and you handily ignore the many, many people who do indeed react to them. It must be nice to have such a simplistic view of the world and not have to deal with complicated reality when you have a handy group to scapegoat.

    "There's no way they would have tried this trick if they felt otherwise."

    Bull. They thought that a) they wanted to get back at the people they felt were "stealing" from them, b) that the ends justified any means and c) nobody would find out. Adding anything else is just your own prejudices getting in the way.

    Plus, as I mentioned, referring to flight simulation enthusiasts as "gamers" in the general sense is a hell of a stretch, even if you were right about gamers being a hive mind (which you are absolutely not).

  25. PaulT, 23 Feb 2018 @ 7:01am

    Re: Re: Re: Re: You would think that, but no

    Although his argument is idiotic to begin with, as "gamers" represents a huge cross-section of every part of the general population, these aren't really gamers.

    From what I've read, these are people who are buying very specialised add-ons for flight simulator programs, the add-ons alone costing $100+. They want hugely accurate simulations of particular aircraft, and are willing to pay a premium for that detail.

    That audience have hugely specific needs and few suppliers, so even if they do "get away" with this, it's probably because there's nobody else doing the work they do. These aren't people up for a quick game of the latest MMO or FPS, they're a very particular group of people who don't have another company lining up to give them the specific add-on they need to "fly" the plane they want to with the required level of accuracy.

    He's a dick with a stupid idea of a point to begin with, but to refer to these people as being the same as mainstream gamers is particularly stupid.

  26. PaulT, 23 Feb 2018 @ 7:04am

    Re: Re: Re: You would think that, but no

    There's also a history of people boycotting them, and a history of similar behaviour directed toward people who consume other kinds of media. But, I don't recall seeing idiots like this attacking all music listeners because they continued to buy music after the Sony DRM fiasco.

  27. PaulT, 23 Feb 2018 @ 7:06am

    Re: Re:

    Indeed, one thing people need to stop doing is referring to "developers" when things like this happen. They *might* be the people implementing such things (although the people who developed the game might not be the people implementing the DRM), but it's often not their choice if they do.

  28. David, 23 Feb 2018 @ 7:13am

    Slight correction:

    s/protected/imploded/

  29. Thad, 23 Feb 2018 @ 7:39am

    Re: Re: You would think that, but no

    "Please present a better argument than this."

    You know he isn't going to. You also know that by responding to him, you're only encouraging him. Or at least you should know that.

  30. Anonymous Coward, 23 Feb 2018 @ 7:48am

    Re: Re: Re: Re: You would think that, but no

    I'd settle for an effective boycott. No litigation necessary, no nuking from orbit necessary. All that's required is some self-control: stop buying their stuff. Forever. That's it. All gamers have to do is leave their wallets in their pockets/purses. Simple. Easy.

    No matter how deep their pockets, if their sales drop to zero and stay there, they'll have a difficult time continuing. (Well at least in current form. I wouldn't be surprised to see them shut down and resurface under another name.)

    Let's see if gamers can collectively make this happen. I would applaud that. (Yes really.) But I think the more likely outcome is that the storm will pass, this company will survive and they'll do it again.

    Let's check back on this in 2020 and see which way it went.

  31. Anonymous Coward, 23 Feb 2018 @ 7:53am

    Re: Re:

    I thought DRM was pushed by the publisher(s).

  32. OA, 23 Feb 2018 @ 7:56am

    Re:

    Unambiguously criminal.

  33. PaulT, 23 Feb 2018 @ 8:06am

    Re: Re: Re: Re: Re: You would think that, but no

    "Let's see if gamers can collectively make this happen"

    Sigh...

    Once again - most gamers are *already* not buying their stuff. This is a hugely niche market with very limited appeal, and the people who do buy them are only "gamers" by the vaguest application of the term.

    Also, once again, why do you think that "gamers" are a hive mind? Lots of gamers already boycott the likes of EA due to their actions. Do they not count just because they supply mainstream audience who don't know or care about this stuff? If so, do you also attack music listeners because Sony Music isn't out of business yet, or are you just hypocritical?

  34. E. Zachary Knight, 23 Feb 2018 @ 8:07am

    Re: Re: You would think that, but no

    Despite the absolute deluge of disgust and contempt for EA after its Battlefront lootbox fiasco, the game has gone on to sell gangbusters. So I think that in general, gamers have a really hard time sticking to boycotts.

  35. OA, 23 Feb 2018 @ 8:07am

    Re: You would think that, but no

    If I may offer some advice, try not to internalize stuff like this too much. Experience makes me think these comments are a reaction to savoring despair about something. Step back to see things more clearly. You can be right(ish) and still be wrong.

  36. John E Cressman, 23 Feb 2018 @ 8:11am

    Offended?!

    Wouldn't that be considered a violation of the Computer Fraud act?

    I doubt anyone authorized them to take usernames/passwords from their machine, so it becomes an unauthorized use of a computer - and thus wouldn't it be subject to the Computer Fraud Act?

  37. Roger Strong, 23 Feb 2018 @ 8:15am

    Re: Offended?!

    "I doubt anyone authorized them to take usernames/passwords from their machine,"

    No doubt the user had to click "I Agree" on a license agreement with 30 pages of legalese, with a clause vaguely authorizing the malware.

  38. Mason Wheeler, 23 Feb 2018 @ 8:24am

    "The thin line that exists between entertainment industry DRM software and plain malware"

    I'mma stop you right there. No such line exists, or has ever existed. The sooner we acknowledge this simple fact, the sooner we can get around to fixing it.

  39. Toom1275, 23 Feb 2018 @ 8:24am

    Re:

    While not included as DRM, here's a gaming company that pushed a clandestine bitcoin miner in one of its software client updates five years ago:

    https://arstechnica.com/information-technology/2013/05/secret-bitcoin-mining-software-added-to-video-game-sparks-outrage/

  40. Anonymous Coward, 23 Feb 2018 @ 8:35am

    Re: Re: Re:

    They were looking for the keys that were listed on The Pirate Bay with their software.

  41. PaulT, 23 Feb 2018 @ 8:49am

    Re: Re: Re: Re:

    If so, then there was a fair chance that a key matched that of a legitimate customer. Which is why their "trust us, we only attacked pirates" claim rings very hollow.

  42. Anonymous Coward, 23 Feb 2018 @ 8:52am

    Re: Re: Re: Re:

    In that case the question should really be – How many ‘false positive’ computers they troll through until they found whoever it was they tried to dox

  43. Anonymous Coward, 23 Feb 2018 @ 9:27am

    Re: Re: Re: Re: Re:

    UGH! Please forgive my piss poor sentence structure above. I need more coffee.

    How many 'false positive' computers did FS Labs troll through in order to find the one person that they doxxed?

    Seems to me each one of those 'searches' would constitute a serious invasion of privacy both criminal and civil.

  44. Rosie-Redstar, 23 Feb 2018 @ 9:31am

    Re: You would think that, but no

    Gamers have helped solve many problems and have also been helpful for research.

    The Corrupted Blood incident of W.O.W led to research by people from universities using the incident as a model for the real-world spread of diseases. One known example was a paper co-written by Nina Fefferman from Tufts University and Eric Lofgren from The University of North Carolina.

    Researchers also once used a game about protein folding named Foldit to solve the structure of an enzyme used by HIV/AIDS for reproduction.

    To assume that the audience of an entire medium is stupid would be not only prejudice, but also 'stupid' because it means willfully overlooking the benefits to society to promote an incorrect ideal for them to attempt to justify.

  45. Anonymous Coward, 23 Feb 2018 @ 9:35am

    Is a victim of this malware attack allowed to hack-back like some politicians suggest business be allowed?

    I doubt it. There is no equality here, greed rules while society suffers.

  46. Anonymous Coward, 23 Feb 2018 @ 9:44am

    Re: Re: Re: Re: You would think that, but no

    "Do you apply the same logic to TV watchers, music listeners, novel readers, toy collectors, car enthusiasts, comic collectors, radio listeners, etc., etc.? How they're all useless and idiots if they don't react in the same way you want them to when their respective industries pull these kinds of things?"

    Yes. I do. Consumers have enormous power and they have an incredibly simple way of exerting it: do nothing.

    That is, don't buy certain goods or services. It's free. It's easy. It can be done anytime, anywhere. It's simple. It's straightforward. And it has a long track record of being quite successful when it's done diligently. But it does require self-control. It means not going to that movie that you want to see or not buying that car or whatever. You have to be willing to forgo the good/service (in the short term) in order to make it better (in the long term).

    I do it. Let me give you an example: years of reading this site (among others) have convinced me that I need to boycott the MPAA/Hollywood/etc. I haven't been to a movie theater in well over a decade. I haven't purchased or rented any movies either. Yes, this is sometimes annoying and inconvenient; sometimes I take crap for it from my family; sometimes I miss out on things I'd like to see. But I do it because I believe that I should.

    I expect no more and no less from anyone else, as it applies to them. (That is, I don't expect everyone to boycott movies just because I do. If they don't agree with my viewpoint, of course they shouldn't.) JFC, if this company did to me what it did to its customers, I would never even DREAM of giving them another dime and I would yell from the rooftops trying to tell everyone else to boycott them too.

    "Bull. They thought that a) they wanted to get back at the people they felt were "stealing" from them, b) that the ends justified any means and c) nobody would find out. "

    Maybe. That's possible. But I think (d) they didn't care if anyone found out. They knew, as I do, that even in the worst case, they'd end up getting away with it. I hope I'm wrong and you're right. But I'm not betting that way. It will be fascinating to see if we ever find out the truth: maybe, if this ends up in court, there will be a discovery process and that will tell us what reasoning really took place. Or maybe we'll never know.

  47.
    Anonymous Coward, 23 Feb 2018 @ 9:45am

    Re:

    How do we know their information about "pirate serial numbers" was accurate?

    We know it's not. Whatever they call a "pirate" number would've been a legitimate one for the first person that got it, who may not even have any relation to whoever leaked the number. Maybe, ironically, that user had malware leak it to the "pirate".

  48.
    Anonymous Coward, 23 Feb 2018 @ 9:54am

    Re: Re: Re: Re: You would think that, but no

    You realize that it takes a lot to run a business into the ground, right?

    One commercial failure can sink a company, and there are myriad examples of such. Their "warchests" are generally smaller than you think. How diversified do you think this company called "FlightSimLabs" is?

  49.
    PaulT (profile), 24 Feb 2018 @ 1:17am

    Re: Re: Re: Re: Re: Re:

    Hey, I understood you the first time so don't worry :)

    But, it's worth pointing out that "I was only trying to steal the passwords of the bad guy" is not and should not be a valid defence in court. It's a serious invasion of privacy whether or not you believe the victim deserved it.

  50.
    PaulT (profile), 24 Feb 2018 @ 1:24am

    Re: Re: Re: Re: Re: You would think that, but no

    "Yes. I do."

    OK, good. I never see people like you attack them as a group when something affects their chosen medium, but if you're telling me the truth then at least you're honest even if I don't agree with you.

    "That is, don't buy certain goods or services"

    Good for you. But, this is where you get stupid - so do a lot of gamers. When you attack gamers as a group, you're attacking people who ARE doing exactly what you want them to.

    "Or maybe we'll never know."

    Honestly, the company in this case is so insignificant and caters to such a small market to begin with, the only way you'll ever notice is on a followup article on sites like this saying "hey, remember these assholes?". Their success or failure will mean nothing to the overall industry.

    Which is another reason why your attacking all gamers on the basis of this is moronic. The vast majority of gamers are already essentially boycotting their products. You'd have some semblance of a point if you were attacking people who still buy EA products (although, again, by attacking all gamers you'd be attacking those who DO boycott EA), but to pretend that the audience for this company represent all gamers is idiotic.

  51.
    PaulT (profile), 24 Feb 2018 @ 1:26am

    Re: Re:

    Well, not knowing their process it's possible that they know that the keys involved were generated with a keygen and were never assigned to a retail product. But, in order to believe this they're asking for a level of trust they haven't earned.

  52.
    PaulT (profile), 24 Feb 2018 @ 1:29am

    Re: Re: Re: Re: Re: You would think that, but no

    Specialised companies can last longer than generalised ones. They are often the only supplier in their market - which is why companies sometimes think they can get away with behaviour like this. If someone wants an addon for simulating aircraft X, the customers may literally have no other choice.

  53.
    Anonymous Coward, 24 Feb 2018 @ 4:03am

    r/stallmanwasright

  54.
    Toom1275 (profile), 24 Feb 2018 @ 11:51am

    From the Ars article: "Kalamaras confirmed that the suspicious tool included with the installer was intended to extract Chrome Web browser information from those using pirated copies of the game. However, he writes, that tool was only activated in the case of one specific pirate who had been identified as creating and distributing illicit registration keys via an offline key generation tool.

    "We even went so far as to figure out exactly who the cracker was (we have his name available upon request of any authorities), but unfortunately we could not be able to enter the registration-only websites he was using to provide this information to other pirates," Kalamaras writes. "We found through the IP addresses tracked that the particular cracker had used Chrome to contact our servers, so we decided to capture his information directly—and ONLY his information (obviously, we understand now that people got very upset about this—we're very sorry once again!) as we had a very good idea of what serial number the cracker used in his efforts."

    Using this method, Kalamaras writes, the FSLabs team was able to "dump that cracker's information needed for us to gain access to those illicit websites, so we could then forward the information to proper legal authorities." What he and his team found, he writes, was "an entire web of operations" dedicated to pirating multiple flight simulators.

    Kalamaras emphasized numerous times in his message that the browser-dumping tool in question "will never execute on your machine" unless you are that one specific, targeted cracker. Nonetheless, he also apologized multiple times for even temporarily placing the inactive tool on users' hard drives during the installation process and said he understood why people felt their trust had been violated. Any legitimate customers can request a full refund from the company."

  55.
    Madd the Sane (profile), 24 Feb 2018 @ 7:07pm

    Re: Re: Re:

    Depends on how big the company is. If the company is beholden to a publisher, yes. If the company is big enough to be publicly traded, it might be the CEO beholden to the shareholders.

  56.
    Anonymous Coward, 24 Feb 2018 @ 11:13pm

    However, such "tattle tale" devices can be defeated with a firewall

    I know this because back in the late 1990s, I used CyberSitter without paying for it, because credit card transactions were not as secure back then, and I was not going to risk my credit or debit card numbers.

    My dad had a cleaning lady that sometimes brought her kids with her, so I had that on my computers, to keep them from accessing porn.

    What I did was find the IP address that Solid Oak used to report installations to Solid Oak and I never heard a thing from them.

    Blocking a "tattle tale" device, as it were, did not violate the DMCA, as I was not doing that for any kind of commercial gain, so I was not committing a felony crime blocking those IP addresses at the firewall level.

  57.
    Anonymous Coward, 25 Feb 2018 @ 1:40am

    Re:

    people forget
    -Pete Townsend

  58.
    Anonymous Coward, 25 Feb 2018 @ 1:42am

    Re: Re: You would think that, but no

    What would that be? The EA thing is the tip of the iceberg, yet there they stand.

  59.
    Anonymous Coward, 25 Feb 2018 @ 1:45am

    Re: Re: Re: You would think that, but no

    Ya, but stupid is the wrong word to describe why they continually do it. The majority are not stupid. Everything falls somewhere under the bell curve.

  60.
    Anonymous Coward, 25 Feb 2018 @ 2:10am

    Re: Re: You would think that, but no

    words mean things, till they don't...

  61.
    Anonymous Coward, 25 Feb 2018 @ 2:12am

    Re: Re: Re: You would think that, but no

    like stupid. Be more literal in your descriptions. That is not the word you want.

  62.
    John85851 (profile), 25 Feb 2018 @ 10:30am

    Re: You would think that, but no

    I agree that they'll do just fine. There will be some outrage and they may lose some customers in the short-term, but their long-term outlook is as good as EA's.

    The bottom line is this company (like EA) makes content that people think is high quality that can't be found anywhere else, by any other company, and the customers are willing to pay for. I'm not accusing any gamers of being "stupid" or anything like that, but when a company like this is the only one making high-quality aircraft sim models, then the customers will overlook and forget issues like this.

  63.
    Anonymous Coward, 25 Feb 2018 @ 9:23pm

    Re:

    You signed malware. How do you expect a single customer to trust you ever again?

    Because the gamers don't care, they buy this shit by the boat load, DRM, and they'll continue buying it. Hell, there's probably a few obsessed fans out there that are cheering them on for taking aim at the "pirates". They won't change their behavior at all. Much like a beaten wife, they're sympathetic to their torturer's cause. Much like an addict, they need the release from it. I'm not saying that they are stupid, but don't expect change to come from them, and don't expect them to side with you if you try to change the state of things yourself. They in many instances, but not all, are just as much your enemy as the company is, and they will fight you to the last to protect it.

    In retrospect, this should be another nail in the coffin for "trusted" software. Or at least it should be. All that signature says is that some identity approved of it, and that it hasn't been altered since that approval was made. But as we've seen here, real trust isn't based on remote attestation, or blind faith, like how all of these "secure" and "trusted" platforms demand. Real trust is based on actions. If you ignore that simple fact, you shouldn't be surprised when something like this happens. You put blind faith into some random identity and they abused it. Worse, now you can't correct that without their blessing. That is the worst possible state of affairs you could possibly imagine. Being at the whims of someone ready and willing to take advantage of you with no reasonable way to stop it.

    Buckle up guys, it's only going to get worse from here on out.

  64.
    That One Guy (profile), 25 Feb 2018 @ 10:42pm

    Re: Re: Re: Re: You would think that, but no

    Yeah, funny how that works.

    Article about video game company doing something stupid/malicious? Guaranteed comments about how stupid 'gamers' are and how they deserve everything that happens to them because they keep paying said company.

    Article about non-video game company doing something stupid/malicious? Not a peep about how stupid their customers are or how they deserve everything that happens to them because they keep buying.

    EA screws over their customers again? 'You idiots, you had it coming!'

    Disney screws over their customers again? 'Hey, that company did something bad!'

  65.
    PaulT (profile), 26 Feb 2018 @ 12:24am

    Re: Re: You would think that, but no

    "the customers will overlook and forget issues like this"

    Here's the real issue - as strange as it may seem to those of us who pay attention, the vast majority of mainstream audiences don't know. If they are informed, they're usually not knowledgeable enough to care.

    This is why the constant character attacks on gamers are so idiotic and pointless. In the case of mainstream products, thousands of gamers are boycotting but unless the issue is well publicised in mainstream sources (such as Star Wars Battlefront II's lootbox fiasco recently), boycotts will have limited impact. In the case of the company currently under discussion, there is literally zero competition for the products in question.

    Attitudes can be made to change somewhat by making sure that news of this kind of thing is both made general knowledge and the impact of such behaviour explained to a mainstream crowd. Unfortunately, some people think it's enough to come into a non-mainstream forum and personally attack the audience most likely to be participating in a boycott to begin with.

  66.
    PaulT (profile), 26 Feb 2018 @ 12:38am

    Re: Re:

    Once again, you're an idiot if you think that gamers are a hivemind, you're a hypocrite if you don't attack people who enjoy other media the same way, and you're a prick if you don't realise the forum you're talking in now is the most likely to have people who are boycotting like you wish.

    The problem is the same as it is in every industry - mainstream audiences only know what they're told by mainstream press, and even then it has to be explained in a way they understand. When this happens, Battlefront II suffers a noticeable sales loss and causes at least them pretending to make a change in their behaviour. Attacking gamers, even the ones who are boycotting, as if they're stupid because they didn't manage to get the people who only buy one game a year to care as passionately about the product as they do is just dumb.

    Stop being a dickhead, and do something that will actually help if you're that bothered. Otherwise, you're just being an asshole for the sake of it, and the only person of questionable actions is the person who decided to spend their Sunday making shit up about other people to attack them with. What a pathetic waste your life must be.

    "Buckle up guys, it's only going to get worse from here on out."

    Quite possibly. But, it'll be the kinds of people like you, who spent their Sunday afternoon attacking people who generally agree about the problem rather than doing something positive to change it, who bear some of the blame.

  67.
    blademan9999 (profile), 27 Feb 2018 @ 8:50am

    Re:

    And that's not even taking into account the issue of shared computers. Maybe little Timmy really wants to play flight simulator but knows his parents can't afford to buy the program, so he torrents one from pirate bay and now there's malware on the computer his parents use.
    This could also happen with school computers.

  68.
    blademan9999 (profile), 27 Feb 2018 @ 9:05am

    Re: Re: Re: You would think that, but no

  69.
    GHB (profile), 23 May 2018 @ 3:05pm

    I really hope that vigilante-ware is illegal, not just piracy

    Weaponizing DRM to spy on users is not how you enforce copyright. Anti-piracy, more like anti-privacy. I don't care if the DRM is 100% false positive free or not, anytime there is an exploit that real hackers use, they will abuse it. Just to warn you, hackers can do *anything*, and often rely on exploits and how sensitive the DRM is. Say a hacker can do stuff that can trigger the DRM and reroute the personal information to the hackers.

    Even if that wasn't possible, no consumer would like (over the) maximum surveillance on their system under the excuse of “oh just in case if someone pirates our things”. Really? That is like having security cameras hidden in the bathroom (even inside the toilet) for people doing anything suspicious.

    Vigilante-ware should be illegal and shouldn't be used at all. I'm not pro-piracy, I'm saying maximum surveillance and hidden methods to enforce copyright without being officially disclosed should be abolished.
