Linux Users Banned From World of Warcraft?

Turmoyl writes "Many Cedega (formerly WINEX) users claim to have been mistakenly caught up in a security sweep of the U.S. game servers performed by Blizzard's World of Warcraft Game Master (GM) staff. Affected users received the same strongly-worded 'Notice of Account Closure' email messages that true bot users did, in which they were accused of the 'Use of Third Party Automation Software.' While diagnosis of this event continues early speculation points to Blizzard's use of the Warden anti-cheating spyware application that is bundled with World of Warcraft, and the odd things that may have been produced by it when it was run via Cedega. Emails to World of Warcraft's Account Administration staff continue to go unanswered while the list of affected people continues to grow."

My Guesses & Opinions

Well, I've talked with someone who does a lot of this sort of stuff and he explained to me that long ago when Blizzard first debuted WoW, it was an instant success. And there were many people that had developed scripts (duping, afk farming, etc) for games like Diablo that wanted to to do the same thing for WoW.

The art of doing this successfully lies in knowing what addresses of memory that your client application is using to store data. You change these memory addresses & your client's state is altered. But there's some things you can't change because they're located on the server. Realistically, the client has to do some of the computation and storing itself (and with WoW being some huge multi-gigabyte client, there's a lot to investigate). Obvious, you want to reduce network traffic and give your servers a break so you design this to have minimal communication.

The problem then becomes that users will write applications to modify the data & memory that their client applications are using. What results is signals sent back to the server which aren't true and give that user an advantage. Solution? Enter Warden to check these memory spaces and files for any potentially unauthorized changes (checksums, whatever method they want to use or seeing which threads are accessing that memory). And how do you protect Warden from it itself being hacked? You design it kind of like a root kit--that is the user shouldn't be able to alter or disable Warden & they lose the domain over that tiny bit of functionality of their hard drive.

My guess is that before, they were checking if there were any known scripting or programs that were unauthorized and changing this data. And they were banning those and only those accounts. I fear that it now does a verification on the memory space, files & system registry to ensure that it is not being molested by another application or tweaked at all. I am guessing that they have changed the ban notice to ban whenever this verification stage fails and that Cedegra does not emulate Windows to the point of their verification satisfaction or to the point of Warden being able to query all other running applications. Worse yet, I fear they may look to integrate this with the WGA with Windows & some other means with Macs--though that is pure speculation on my part.

The irony of it all? The fact that a talented programmer with burp or some other styled network tool and use linux on a routing box to intercept packets and change them to give him position hacks. Unfortunately, if you use this too much, I believe that random server side verification checks will eventually catch up with you but I can't say I've ever implemented this or been caught using it.

Which brings me to one last point I'd like to make on this topic. I think that this cat n' mouse game of Blizzard versus the cheaters is good for AI. The last possible domain we have is people writing applications that extract data from video memory and use computer vision algorithms to write if-then-case bots. Yes, bots are bad but this is driving people to a corner where they essentially strive to pass the Turing Test ... after all, you don't want a GM messaging your bot as he sits idle doing his repetitive task, do you?

The Only Winning Move

>doing his repetitive task

I choose not to play games that hinge on this so much. Aside from the monthly fees, something like Oblivion's fast travel (or even console commands when the gates got boring) is the sign of a better game to me, instead of one which rewards behavior that can be currently emulated by a computer. It's not a job, it's a game!

Re:The Only Winning Move

As I posted below, the LUA interface doesn't provide move commands. Here's what some of the most popular "mods" are:

• Look/feel changes: These simply change the appearance of the GUI. Sometimes they add more information, like overlaying a % over the enemies health bar, or highlighting party members who are taking damage.
• Bars: Many of the early addons were to add more buttons, until Blizzard implemented this themselves.
• Raid: lots of addons help with raiding, like showing the health of everyone in the raid, showing the main tank's target, etc. Also, debuff cleansing with one button press (scans the raid and casts an appropriate cure spell), though this is being disabled by Blizzard in the coming expansion.
• Additional GUI: some mods don't just modify the existing GUI they add more. A bar across the top listing money, regen rate, your (x,y) location on the map, your XP/hour, your fps and ping, the amount of ammo you have left, etc. For classes with reagent needs it can track those.

As you can see most add-ons revolve around giving the user more information. The closest thing to botting there is the auto-curing, which is on its way out.

Re:The Only Winning Move

Right now you could conceivably, with a piece of outside hardware/software to generate keyboard press events (WoW ties spell casting, movement, and most other combat-useful actions to keyboard events), do most or all of a bot's scripting in Lua. This is, however, not how current WoW bots work (I'm familiar with the code underlying a couple of them, and know the details of more). Moreover, this capability will be removed forever when WoW's 2.0 patch (in a few weeks) greatly restricts the ability for scripts to decide who to cast what spells on.

Re:The Only Winning Move

This article [informit.com] discusses how to design a game where a human has an intrinsic advantage over a computer player. (Forgot to press preview last time).

Re:The Only Winning Move

One of the keys to avoiding cheats is that the game must be composed of mostly non-trivial, non-repetitive decisions.

Almost every MMORPG is composed of completely trivial decisions. During a fight, at any given point in time there is a definite "right" decision to make, a definite order in which the character's abilities should be used, and a definite opponent that is optimal to attack. Buttering toast requires more difficult decisions than World of Warcraft has ever presented.

Starsiege: Tribes never had a very successful bot created for it because the game requires the player to make decisions that a bot simply couldn't make quickly or predict accurately. In almost any scenario, there wasn't a dominant choice. You frequently had to choose among a range of equally attractive options, drawing only on past experience, intuitive knowledge of how physics works, and common sense about how people behave.

there is always an exception to the rule

My wife, it kills me, she'll grind through the same thing on D2:LOD 50 times an evening.

I accuse her of being a bot- it's the most mechanical thing you've ever seen.

she writes down many EXP points she got per baal run, then does it again,
then does it again, then does it again, then does it again, then does it again, then does it again, then does it again, then does it again, then does it again, ad infinity..

to a 'gamebandwidth' counter, that'll look VERY suspicious

(BTW some of the repetions above I typed by hand, some I did by cut and paste- can you see where I switched to cut & paste above?---riiiight.....)

Re:My Guesses & Opinions

Your analysis falls down when you consider that there have been no reports of any Mac users being targeted by this. There is no Warden process or anything resembling a rootkit on my system when I start up the client. Just one process: World of Warcraft. I suppose they could just be excepting any client that reports as being run on a Mac, but if that were the case, all of the people working to hack the system would just switch to running on a Mac. I suspect there is a bit more to the method that they're using and have heard rumors of them using things like 'multiple logins to the same account from different IPs' and other indicators. Perhaps the linux emulators are doing something that trips one of these other detection mechanisms.

I believe that for the most part Blizzard is handling the cheating by making the client as dumb as possible and not trusting it for anything other than 'requests'. The design philosophy is centered around the client 'asking' to do something and the server saying 'yes' or 'no'. There isn't a way for the client to say 'Put this character at position x,y', there is only a way for a client to request to move along a vector. The server then reports the current position back to the client. That doesn't mean that hacks haven't ever happened - but those have been cases of the server not strictly following this model and are subsequently patched.

Of course, this doesn't stop anybody from writing their own client that allows them to automate the request process given they were good enough to spoof being a 'real' client to the server.

Re:My Guesses & Opinions

There is a wonderful set of slides from the BlackHat 2006 that outline the escalating war between the bot writers and Blizzard's Warden, culminating in the proposal to write a rootkit to hide the bot's activities from Warden: http://www.rootkit.com/newsread.php?newsid=543 [rootkit.com] If Blizzard is now looking for rootkit like behavior, or looking for specific signs of an existing rootkit, Cedega / Linux may very well raise all sort of red flags.

Re:My Guesses & Opinions

> And how do you protect Warden from it itself being hacked? You design it kind of like a root kit--that is the user shouldn't be able to alter or disable Warden & they lose the domain over that tiny bit of functionality of their hard drive.

That's trivial to get around. Run it under VMWare or qemu. Now the control of the user's machine is back in the hands of the user. When will people understand that you can't control software that's not entirely in your own hands?

Anyway, the solution to this problem of being banned is trivial. Chargeback. As soon as they start losing money and their credit card processor starts asking questions, they'll start addressing their customer's complaints. If chargebacks don't work, take Blizzard to small claims court. Even if you lose, they'll still waste time and money sending their lawyers to defend themselves. Eventually they'll get the idea.

Summary: You own your computer, not Blizzard. Money talks, letters don't.

Re:Strong AI and the WoW Turing Test

Which brings me to one last point I'd like to make on this topic. I think that this cat n' mouse game of Blizzard versus the cheaters is good for AI. The last possible domain we have is people writing applications that extract data from video memory and use computer vision algorithms to write if-then-case bots.

Correct, in 10-20 or so odd years the technology maybe available that is undetectable nor traceable by any server to find if a person is an AI or human.

Lets say in 15 years you have on computer with WoW2 installed on it.

On a second one that isn't even hooked up to the network you simply take the VGA/DVI output to it and then OCR the text states and by able to recognize objects in the virtual world much like Stanley's robot car is able to recognize objects on the road.

Then your AI could simply feed the other computer commands through a USB keyboard.

If the WoW client had sufficient DRM and rootkit abilities then perhaps it could detect such a hardware setup.

But even then perhaps if you had a robotic arm and a camera giving the input making it impossible for another program to detect an AI.

Suffice to say... It will be something Blizzard or any other game company can defeat unless they require game players to physically come to game centers.

Even then... How would you know if the player didn't have an AI chip implanted in his skull? ;)

Poor Users

I do hope Blizzard will fix these users accounts. I don't currently play WoW on OSS platforms, but I plan on doing so in the future. It would be even better if they would make a Linux version of the game. Then again, I'd probably get caught "cheating" since I'd run it on BSD.

I've seen this happen with PunkBuster checks in some games when you try to run then in another OS as well.

I used to run WoW in Cedega

I used to play WoW via Cedega, before I just decided I didn't have enough time for games entirely, and I think this is too bad. If they had stopped me from using Cedega, it would have been my subscription.

Actually, using it via Cedega worked really well once you got it working. I can't say it was "better than Windows," because I've never run Windows on that hardware (at least, not as the bare-metal OS, only in VMs), but it was a lot better than I imagined it would be when I started messing around with it.

I think there are quite a few people who only use Cedega because of WoW, so I expect that the Cedega people will fix stuff pretty quickly, if the Blizzard folks will even tell them what the problem is and what Cedega is doing that Warden doesn't like.

I think it's going to get to the point where "anti-cheats" and "copy protection" are the major things tying games to the Windows platform, because they're fundamentally hard (if not impossible) to implement on a Free OS, because the user -- by design -- can basically modify whatever they want, run debuggers, memory editors, etc.

Re:Poor Users

I play WoW under wine (wine itself, not one of the commercial spin-offs) on Linux. I've never been banned. I've never gotten a note calling me a "bot".

There is a long history of folks blaming wine for bannings in WoW, and I would wait to see exactly what happened here, before assuming that Blizzard has gone off the deep-end and started attacking those users who have clearly gone to great lengths to be able to run the game.

PS: If you want to run WoW under Wine, here's what I did on my Fedora Core 5 system using an NVidia card with the binary NVidia drivers:

• Started with this HOWTO for gentoo [gentoo-wiki.com]
  
• Installed the stock FC5 (extras?) wine.
  
• Built the patched version in my homedir as described in the HOWTO, but did not install it.
  
• Installed Mozilla and the ActiveX extensions as described in the HOWTO.
  
• Installed WoW from CD under wine as described.
  
• Copied patch files from a Windows system, just to save download time.
  
• Ran WoW, and allowed it to patch.
  
• Tweaked sound settings as described.
  

It now works fine. The only problems that I have are:

• Sound pops from time to time when CPU is under load, especially if some other app competes for CPU against WoW. The suggested fixes on the HOWTO page failed to address this.
  
• Some graphics glitches, mostly involving flashes in water that extends to the edge of the clip plane. This is mentioned in the HOWTO, I think, but there's no known fix for it that I'm aware of. Not a biggie for me.
  
• Some key-combinations are not relinquished by the window manager even in non-windowed mode, and thus any WM-specific keys or mouse actions are not sent to the game. This is fixable, but I don't bother. I just avoid those keys, and I re-mapped the ones that I needed in the game.
  

On the other hand the benifits are huge:

• It's faster under Linux than it was under Windows, but not by much.
  
• Switching from WoW to a desktop app is amazingly fast and painless. Major difference from Windows.
  
• Applications that contend for memory and/or CPU while I'm playing don't appear to harm application performance nearly as much as under Windows, which given that this is both my game system and work-from-home-at-night system, is a major win.
  

Overall, I love WoW under Linux. It's a joy compared to some made-for-linux games I've tried to run, and wine really seems to have come along.

Of course letters to Blizzard go unanswered ...

Blizzard is about as customer-friendly as Sony.

These guys really deserve being knocked down a notch or two. Unfortunately, with WoW being as popular as it is, there's not much chance of that happening for a few years yet.

Re:Of course letters to Blizzard go unanswered ...

Nintendo ignores any mail complaining that someone couldn't get Halo or God of War working on their Gamecube. The same applies here.

Blizzard does not support Linux. It was great that some enterprising people got WoW working, but that doesn't mean you can complain when Blizzard does something that unintentionally breaks it.

My experience has been that Blizzard is extremely customer friendly. I've had a number of issues resolved cocerning game glitches, account errors and more in a timely and respectful manner. Many people complain that "blue" doesn't respond enough in the forums. Given the huge amount of traffic there, and the additional traffic and focus any blue response gives a thread, it would be both impossible (time constraints) and unfair (any thread with a blue response implodes, leaving other worthy threads unread) to increase their interaction.

When Blizzard releases an expansion for WoW which does nothing but raise the level cap by X and doesn't even feature new content but the promise of new content claiming "You'll buy it because it's WoW", when they discontinue the in game ticket system and shut down the forums, when they "have built a line of equity and we intend on spending it", then they will be about as customer-friendly as Sony. As it stands, I don't think you can claim that Blizzard's service is anywhere near as hellish as what SW:G and EQ players have had to deal with.

Re:Of course letters to Blizzard go unanswered ...

Blizzard does not support Linux. It was great that some enterprising people got WoW working, but that doesn't mean you can complain when Blizzard does something that unintentionally breaks it.

They don't support it, fine. That's their prerogative. But there's a difference between breaking and banning. This is denial of a paid service when the customer was likely adhering to their end of the contract.

Should be interesting

I run WoW in Linux, I only have one box for Windows and I don't want to be sitting at my windows laptop when I have a nice dual head display setup on my workstation with a better video card. If they ban me then so be it, there's money back per month for me. Usually the Blizzard guys are pretty good, so a bit disappointed if this is the path they are wanting to go.

If Blizzard Doen't Ban These Users....

..... Then the terrorists win.

Re:No Wait !!

You have NOTHING to whine about. nada. zero. zip. People modded him as a troll. Deal with it. We have no responsibility to take how you read things into account. You can whine all you want about it not being fair, or how you have some 'right' to have everyone else read, but you don't. Slashdot moderators make moderations for slashdot readers. If you get it to read it, power to you. But if it stops being read, tough luck, it was never intended to be read anyway. You may as well complain to Nintendo about the quality of Snes9x.

Re:No Wait !!

Why did this get modded "Troll"? He has a point. If I had mod points I would upmod this...

Would you rather it get modded Undead, Tauren, or Orc instead?

Re:No Wait !!

"Why did this get modded "Troll"?"

Umm, because he's wrong?

Yes, I'm a die hard Linux user and gamer. But I am going to be as completely objective about this as I can be. The accounts are being *banned*. Which is to say: sure, if I try to run EQ2 (what I play instead of WoW) under Linux, and it works for a while and then breaks, all his points are valid. The problem then becomes that I can't go back to my Windows box and play from there. Why?

Because they banned the *account*! It's not like I tried to get F.E.A.R. working and it didn't so "waaaaah, I have to play under Windows!" Rather, I tried to play under Linux and now, even though I paid for the right to play, I cannot play under Linux or Windows at all.

Now, their nazi-EULA probably says they can terminate your *paid* account for whatever reason they want, but if you want to talk about whether there is something to "whine" about, there absolutely is. People's accounts should not be banned because they attempted to get their software working under an unsupported OS. That really is unfair.

I cannot address whether or not any of this is FUD, however, since I don't play WoW and I stopped paying for Cedega. It seems odd that only some of the Cedega users are affected, but not all.

Re:No Wai !!

No. People have every right to complain. Blizzard are behaving reprehensibly. They're banning a load of users and accusing them of cheating for no reason other than their decision not to use Windows.

Their customers want to use Linux. If they are not going to take account of thios then they will be publicly criticised. The affected users have ewvery right to complain.

Re:No Wai !!

Blizzard has worked with the people at Cedega to make the product work properly. One known issue they helped the linux community with was when the mini map used to cause the screen to freak out. The Cedega team worked with the Blizzard developers to come up with the solution to the problem.

Don't say that it isn't supported. No, officially it is not, but it is unofficially.

As for him being modded as a troll--it would seem he is a troll. He is speaking out his arse without any knowledge nor history on the subject.

Re:No Wai !!

You people have NOTHING to whine about. nada. zero. zip.

You are using it on a non-supported platform. Deal with it.
Blizzard has no responsibility to take how Cedega does things
into account. You can whine all you want about it not being fair,
or how you have some 'right' to play it on your Linux enabled
toaster, but you don't.

Blizzard makes the game for Windows. If you get it to work in
Linux, power to you. But if it stops working, tough luck, it
was never intended to work anyway. You may as well complain to
Nintendo about the quality of Snes9x.

You're missing the point.

This isn't a problem with support. It isn't a matter of whether WoW.exe will run or not - it does run under WINE/Cedega. The issue is that Blizzard is closing game accounts. You can still run the program, you just can't log in to your account. Doesn't matter if you reformat and reload your machine with Windows or MacOS to appease Blizzard, you can still run the program, you still can't log in to your account. Worse, the account is being closed because of cheating. That's what it'll say in your account details - hacking/cheating. Not "didn't pay his bill", but "caught running cheat/hack program". Much harder (impossible?) to get such an account re-activated.

My bank doesn't support Firefox on Linux for viewing my balance on-line. They have a list of supported browsers and operating systems and Firefox/Linux just isn't on it. Because of that I will not be surprised if I cannot view my balance on their website...I will not be surprised if the page renders incorrectly or isn't functional - it isn't a supported platform. That's fine. I'll go view my balance on an IE6/Windows machine instead. But I most certainly will complain if they close my bank account because I tried to view my balance with Firefox/Linux.

WoW & Ubuntu

There's a Wine package for Ubuntu that fixes a couple of bugs associated with WoW. The howto can be found on the excellent Ubuntu wiki at https://help.ubuntu.com/community/WorldofWarcraft [ubuntu.com] and details the instructions. It's pretty much a download the package and double click it, then run 'wine WoW.exe -opengl'. This ban rumor pops up periodically but I have yet to encounter any problems.

Not just the U.S. servers

New information in the thread on the TransGaming forums linked in the original article shows that European Cedega users that play on European WoW servers are affected as well.

Cheating is bad for their community

If cheating were to go on unabated, the WoW community would shift away to something else. They are trying to tend to their interests and I can't blame them.

What should have happened? Well, for one, someone from the Cedega project who also uses WoW (chances are pretty good) should get into communication with the Blizzard people in order to work out any issues. Allowing people to use Linux while playing WoW is certainly in Blizzard's interest and since Cedega is doing the bulk of the work, I can't imagine why Blizzard wouldn't at least come to the table to work it out. Cutting users off is likely the side-effect of an automated process not seeing what it expects to see and not some assault on Linux users.

Not at all surprised...

For anyone that thinks Cedega's (or WINE, for that matter...) anything other than a good short-term solution to
Linux gaming, all I need do is point them to this as a good example of why it's not so hot of an idea. And it's
perfectly within Blizzard's rights to do this action- to the point of ignoring any contact with regards to this
whole affair. Doesn't make it good for PR or customer relations, mind- but it's completely within their rights
to do so. After all, they only support Windows on this title and don't have plans to provide support to other
OS platforms. Again, which is their right.

Native ports wouldn't have as many of these issues.

As for the whole affair... It's Blizzard. They've apparently got a singular attitude about Linux users that
started with the period around Starcraft forward. I wouldn't buy any title from them right now and for some
while to come- you just don't treat customers or potential customers the way they seem wont to do.

Re:Not at all surprised...

As for the whole affair... It's Blizzard. They've apparently got a singular attitude about Linux users that
started with the period around Starcraft forward. I wouldn't buy any title from them right now and for some
while to come- you just don't treat customers or potential customers the way they seem wont to do.

What you just said would make sense if they weren't RUNNING WOW ON LINUX SERVERS. Their database environment has been Oracle on Linux since the game was released.

http://www.blizzard.com/jobopp/senior-oracle-datab ase-administrator.shtml [blizzard.com] (Granted, they're looking at HP's *nix right now, but that's probably because HP gave them a deal on blade servers).

Blizzard has nothing against Linux users. Their main beef is with cheaters, and I'm sure these accounts will be reenabled. But some Linux users (incorrectly) jump to conclusions that they're being targeted.

Their previous beef was about bnetd allowing people to play online without buying games. They could care less if people played the game on Linux, they just wanted to make sure people went through official servers and paid to play the game. Again, so