WoW indeed
September 13, 2012 4:33 AM
Steganographic information (account ID, a timestamp and the IP address of the current realm) is secretly embedded in World of Warcraft screen shots. Via Schneier.
I'm not sure what the big deal is - people are choosing to post screenshots of their game client and then being upset that their information isn't as private as they want it to be? Blizzard isn't posting the screenshots, the user is making a conscious decision to do so.
I think your right to privacy goes out the window when you upload a picture to the internet. According to the TOS and EULA, screenshots are the property of Blizzard, not the user.
posted by synthetik at 5:11 AM on September 13, 2012 [2 favorites]
This method is fairly immune to image manipulations - a hash would be destroyed by just about anything e.g. saving as a different file format.
On the other hand that's why it's fairly easy to find. You've kinda gotta wonder about the person who found it though. A bit like the people who search for "back masked" messages in pop music.
posted by iotic at 5:12 AM on September 13, 2012
synthetik: "I think your right to privacy goes out the window when you upload a picture to the internet. According to the TOS and EULA, screenshots are the property of Blizzard, not the user."
If the information you are divulging is known to you, sure. If the information is hidden from you but - unknown to you - visible to others? Dick move, I'd say.
posted by brokkr at 5:21 AM on September 13, 2012 [4 favorites]
This method is fairly immune to image manipulations - a hash would be destroyed by just about anything e.g. saving as a different file format.
A perceptual hash library
"Perceptual hashes must be robust enough to take into account transformations or "attacks" on a given input and yet be flexible enough to distinguish between dissimilar files. Such attacks can include rotation, skew, contrast adjustment and different compression/formats. All of these challenges make perceptual hashing an interesting field of study and at the forefront of computer science research."
It's the same reason that ContentID works in Youtube even when the original work wasn't even the same resolution or encoding format.
posted by jaduncan at 5:22 AM on September 13, 2012 [2 favorites]
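An added example (not from the thread or from any perceptual hash library) contrasting the two kinds of hash discussed above: a simple average hash survives brightening, requantization and resizing of a constructed 32x32 grayscale image, while SHA-256 changes every time. The image, the transformations and all function names are assumptions made for illustration.

```python
import hashlib

SIZE = 32  # constructed 32x32 grayscale test image, values 0..255


def make_image(vertical_split=True):
    """Constructed sample: one dark half, one bright half, plus fine texture."""
    img = []
    for y in range(SIZE):
        row = []
        for x in range(SIZE):
            bright = (x >= SIZE // 2) if vertical_split else (y >= SIZE // 2)
            row.append((200 if bright else 40) + (x * 7 + y * 13) % 16)
        img.append(row)
    return img


def brighten(img, delta=10):
    """Contrast/brightness style adjustment, clipped to the 8-bit range."""
    return [[min(255, v + delta) for v in row] for row in img]


def quantize(img, step=8):
    """Crude stand-in for lossy re-encoding: throw away low-order detail."""
    return [[v // step * step for v in row] for row in img]


def downscale(img, factor=2):
    """Average factor x factor blocks, as when an image is resized."""
    n = len(img) // factor
    return [[sum(img[y * factor + dy][x * factor + dx]
                 for dy in range(factor) for dx in range(factor)) // (factor * factor)
             for x in range(n)] for y in range(n)]


def average_hash(img, grid=8):
    """aHash: shrink to grid x grid, then one bit per cell (brighter than the mean?)."""
    small = downscale(img, len(img) // grid)
    cells = [v for row in small for v in row]
    mean = sum(cells) / len(cells)
    bits = 0
    for v in cells:
        bits = (bits << 1) | int(v > mean)
    return bits


def hamming(a, b):
    """Number of differing bits between two hashes."""
    return bin(a ^ b).count("1")


def sha256_hex(img):
    return hashlib.sha256(bytes(v for row in img for v in row)).hexdigest()


def compare(a, b):
    """Return (aHash bit distance out of 64, whether SHA-256 still matches)."""
    return hamming(average_hash(a), average_hash(b)), sha256_hex(a) == sha256_hex(b)


if __name__ == "__main__":
    original = make_image()
    variants = {
        "brightened": brighten(original),
        "requantized": quantize(original),
        "half resolution": downscale(original),
        "different picture": make_image(vertical_split=False),
    }
    for name, img in variants.items():
        dist, same_sha = compare(original, img)
        print(f"{name:18} aHash distance={dist:2}/64  sha256 equal={same_sha}")
```

Either kind of hash only identifies an image against copies someone already holds; neither carries embedded data such as an account ID.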
I guess I'll start printing out and tracing my screenshots in pencil, then scanning them back in.
I wonder if that old "Look what I found on your hard drive*" trick still works, too?
*A message board poster would put a url attached to an img tag that pulled a random screenshot using the path where a shot was likely to reside on your hard drive, for example,
<img src="C:/Program Files/VideoGame/files/screenshots/img38.jpg">
posted by tilde at 5:42 AM on September 13, 2012 [1 favorite]
"...any malicious hacker who knew about this could have used a screenshot of a lucrative character to find their actual username & active realm and then either try to scam them out of their password, or just brute-force it."
Maybe I just misunderstand security protocols in general (I say that totally non-sarcastically, to be clear, it's a real possibility), but is it actually problematic to have your login name known? I thought there was a distinction between identification and authentication, and the former is generally considered public knowledge. Not true?
posted by solotoro at 5:51 AM on September 13, 2012
is it actually problematic to have your login name known?
It depends on the type of gear that character may have, in addition to their player level. "Epic" weapons and armor are in demand by a multitude of players, but most of those are bound to individual characters over the course of the game. It's easier to track down and hijack a user account with desirable items, then switch the character over to a different server to keep, or sell off illegally to anyone looking for a "powerful" character without starting from the beginning and leveling up.
posted by Smart Dalek at 6:07 AM on September 13, 2012
I think your right to privacy goes out the window when you upload a picture to the internet.
I, and I think a lot of other people, would prefer a more graduated system, including privacy options intermediate between the two options you suggest, "do not upload anything ever" and "life is an open book". One objection to this kind of watermarking is that it takes away the ability of users who wish to live in that intermediate zone to make informed decisions about uploading screenshots, because their software is secretly making more information public than the user would reasonably expect.
(Insert open source advocacy here.)
posted by stebulus at 6:08 AM on September 13, 2012 [3 favorites]
The account id is not the login id. It might help trace a user in some cases, but it's not the email address id a battle.net user uses to login.
posted by edd at 6:19 AM on September 13, 2012
I'm not sure what the big deal is - people are choosing to post screenshots of their game client and then being upset that their information isn't as private as they want it to be? Blizzard isn't posting the screenshots, the user is making a conscious decision to do so.
They are choosing to publish an image, not the associated information.
Consider a user that occasionally posts shots from his primary account on his Facebook. Also, he runs an alt character as part of a guild of, say, gay gamers, and occasionally posts shots from this account on the public guild bulletin board. It is now possible to associate the two characters and out the user.
posted by CaseyB at 6:23 AM on September 13, 2012 [1 favorite]
Consider a user that occasionally posts shots from his primary account on his Facebook. Also, he runs an alt character as part of a guild of, say, gay gamers, and occasionally posts shots from this account on the public guild bulletin board. It is now possible to associate the two characters and out the user.
Yes, I think not enough attention is being paid to the fact that the historical corpus of screenshots is now open to this kind of attack by any third party, not just Blizzard (although in the specific case of FB, I'd think that the sheer amount of compression they add probably destroys the watermark).
posted by jaduncan at 6:27 AM on September 13, 2012
If the information you are divulging is known to you, sure. If the information is hidden from you but - unknown to you - visible to others? Dick move, I'd say.
This "information" is utterly useless to anyone except Blizzard. Aside from confirming the legitimacy of screenshots -- for use as proof against hackers / cheaters / exploiters in-game -- I cannot fathom a use for such limited, non-specific information.
I appreciate that people are concerned about privacy, but given all the known information this seems to be much ado about nothing.
posted by Dark Messiah at 6:27 AM on September 13, 2012
Consider a user that occasionally posts shots from his primary account on his Facebook. Also, he runs an alt character as part of a guild of, say, gay gamers, and occasionally posts shots from this account on the public guild bulletin board. It is now possible to associate the two characters and out the user.
Of all the privacy issues regarding Facebook, and this one would concern you? What you posit doesn't even seem possible. The account name is not your character name, nor is it something anyone would know unless they actually watched you login to the game client.
posted by Dark Messiah at 6:33 AM on September 13, 2012
What you posit doesn't even seem possible. The account name is not your character name, nor is it something anyone would know unless they actually watched you login to the game client.
All that matters is that both screenshots have the same account ID, allowing correlation. Players are under the assumption today that alt characters are anonymous, except to Blizzard. This hidden data breaks that assumption. Worse, it breaks it retroactively.
posted by CaseyB at 6:40 AM on September 13, 2012
I certainly appreciate the point of view of the people who say this is no big deal. I also appreciate the point of view of people who leave the bathroom door open. But that doesn't mean I want people to peek in when I think it's closed, even if I'm just combing my hair. In this case, I think Blizzard has deceived its users about what they are making public.
posted by tyllwin at 7:02 AM on September 13, 2012
If, as WoW Insider says, your account number (which is separate from your account ID and your e-mail address) is available via the Armory anyway, then anyone wanting to do malicious tracking of separate characters already had a path to look up whether any two random toons were in the hands of the same person. And that's not as easily circumvented by taking the highest quality screenshots if you post them publicly, as this method is.
posted by rewil at 7:11 AM on September 13, 2012
Dark Messiah: "I appreciate that people are concerned about privacy, but given all the known information this seems to be much ado about nothing."
Once you discover that a company has been divulging some information about you without your knowledge, I think it's reasonable to assume they might have divulged all information about you.
posted by brokkr at 7:56 AM on September 13, 2012 [1 favorite]
The problem is the information is hidden. If Blizzard disclosed they were doing this it'd be no problem. But instead they've been hiding it since 2007, possibly as a way to spy on their users, and it's not cool. Yeah, it's just screenshots from a dumb game, but it's not OK to embed hidden tracking codes without telling users.
A close analogy is the way color printers embed hidden watermarks, something the EU considered a potential privacy violation. It also seems terribly dangerous to me; anyone can track the printer codes, not just a trusted government source.
A related situation is the way your camera embeds EXIF data into photos like a unique camera serial ID, a timestamp, and (sometimes) the exact latitude/longitude where the photo was taken. In this case I don't think the camera manufacturers are doing anything nefarious since the fact they add this data is well disclosed. It still creates all sorts of privacy problems as ordinary users don't understand the data exists or what it means. Some photo sharing sites explicitly strip that data out for users to protect them from what they don't understand.
BTW, the disassembly suggests the data may be inserted when the user presses Warcraft's "make screenshot" key. In that case, screenshots taken by other means (say, the operating system facility) wouldn't be watermarked. I haven't tested it.
posted by Nelson at 7:59 AM on September 13, 2012
A related situation is the way your camera embeds EXIF data into photos like a unique camera serial ID, a timestamp, and (sometimes) the exact latitude/longitude where the photo was taken.
A porn site a . . . friend of mine goes to occasionally publishes the models' "application" photos as a bonus. This friend of mine got curious when he saw a self-shot cell phone picture and guess what? Coordinates centering on a house in some rural part of the country.
posted by clorox at 8:26 AM on September 13, 2012 [4 favorites]
Kinda hard to tell with such a long thread there, but did they ever get to the point where some said "OK, here's my screenshot. Now you all tell me my account name" and it was able to be cracked?
posted by ShutterBun at 8:34 AM on September 13, 2012 [1 favorite]
Why would they do this? If anything, it should be an option that is set to "disabled" in the options menu.
posted by no1nose at 8:49 AM on September 13, 2012
We did something similar on a software project. There was a one pixel shadow line in the main window, that used slightly different values of gray to show the version and build number. This was done to be able to identify builds in screenshots showing bugs (and didn't display any user info). I always thought it was a neat solution.
posted by doctor_negative at 8:52 AM on September 13, 2012 [2 favorites]
Possibly to verify information associated with bug reports/GM tickets. Who, when, and where can be easily checked against someone's story.
And it's ridiculously easy to circumvent, for those that are worried.
posted by ShutterBun at 8:54 AM on September 13, 2012
ShutterBun: "And it's ridiculously easy to circumvent, for those that are worried."
Once you're aware of it, yes.
posted by brokkr at 10:33 AM on September 13, 2012
jaduncan - that perceptual hashing stuff is certainly interesting but I'm struggling to see how it would be used for this purpose. It seems like you'd have to be able to associate a hash string with a specific image. Can you explain how that would help get player information from any given screenshot?
posted by iotic at 11:08 AM on September 13, 2012
Why would they do this?
It has been suggested that it's a way to identify unauthorized private servers. The information includes the IP address of the server you're logged in to. So Blizzard could scan all of the WoW screenshots it finds and get the IP addresses. When a server IP is found that isn't Blizzard's, it's an opportunity to track it and try to get it shut down.
posted by yath at 11:40 AM on September 13, 2012
It would be FAR easier for Blizzard to simply google "WoW private server" and start going after Molten, Feenix, et al. They put their IP addresses right there in the "getting started" instructions, for chrissakes.
posted by ShutterBun at 12:32 PM on September 13, 2012
Oh for Jaina's sake.
Full disclosure: I PLAY WORLD OF WARCRAFT. I even have the expansion pre-reserved. So.
http://wow.joystiq.com/2012/09/11/blizzard-may-be-hiding-information-in-your-screenshots-but-it-c/ is a nice talk about it.
This is useful to Blizzard for two reasons:
1) the private servers, if only to keep an eye on the ones that don't post their information publicly
2) for people who are screamingly dumb enough to post links to "hey guyz look at this cheat I done!" picture
Both of these for the purposes of bringing down the Banhammer of Ragnaros.
And if you're the kind of person who goes "Once you discover that a company has been divulging some information about you without your knowledge, I think it's reasonable to assume they might have divulged all information about you.", then you probably should have stopped playing around the time Blizzard got bought by Activision. (I wouldn't be surprised to find out this started happening around the time that finalized, as part of the Activision Hates Its Users initiative that they've been running since they got into PC gaming.)
posted by mephron at 2:34 PM on September 13, 2012
I imagine it is also used for finding and hammering anyone who publicly posts screencaps from non-public beta builds.
posted by rifflesby at 5:33 PM on September 13, 2012
is it actually problematic to have your login name known?
I don't know about Warcraft, but in EVE this is very, very sensitive information. This kind of information leak could easily link forum accounts to game characters and compromise spies. That would be pretty terrible for the EVE metagame.
posted by ryanrs at 5:35 PM on September 13, 2012
edd writes "The account id is not the login id. It might help trace a user in some cases, but it's not the email address id a battle.net user uses to login."
The article says this is true now but wasn't true during the first couple of years of this user lo-jacking.
posted by Mitheral at 8:51 PM on September 13, 2012
That's correct, the account IDs were identical to logins until the merger with battle.net 2.0, which happened during Lich King.
My hypothesis is that this was a countermeasure to widespread account hacking and selling during the early days (classic & TBC), as it was a huge and profitable black market, which caused a lot of players grief. Back before eBay banned WoW listings, they were seeing 100+ a day accounts easily. And it was common practice to upload mildly censored (block out the name) screenshots of the characters, to confirm they existed and were wearing full tier-whatever gear. This watermark would let Blizzard just trawl auction sites and automatically flag accounts as compromised, because they could derive the exact identity of the toons based on the uploaded screenshots. I'm racking my brain for any other widespread format where full-sized in-line screenshots were commonplace (as they'd have to be for this method to be of any use), and can't really think of any.
It's still not a very good hypothesis though, because their customer service still sucked at dealing with hacking. Maybe it's just a leftover from closed beta which someone forgot to remove.
posted by mek at 9:54 PM on September 13, 2012
posted by jaduncan at 5:10 AM on September 13, 2012 [4 favorites]