|
VIDEOs-EVIL/WEIRD/GHOST HAUNTINGS & CRIME Enjoy! |
IMPORTANT ANNOUNCEMENT |
Hallo to All Members. As you can see we regularly Upgrade our Servers, (Sorry for any Downtime during this). We also have added more Forums to help you with many things and for you to enjoy. We now need you to help us to keep this site up and running. This site works at a loss every month and we appeal to you to donate what you can. If you would like to help us, then please just send a message to any Member of Staff for info on how to do this,,,, & Thank You for Being Members of this site. |
|
LinkBack | Thread Tools | Display Modes |
31-07-12, 17:07 | #1 |
Join Date: Feb 2011
Posts: 47,372
Thanks: 27,594
Thanked 14,456 Times in 10,262 Posts
|
DRM (Video Games) Lets In Remote Attackers
Ubisoft DRM Lets In Remote Attackers, Google Engineer Reports
Posted: 31 Jul 2012 by Enigma Hacker Tavis Ormandy has discovered a serious vulnerability in a well-known PC game DRM system. The Google engineer said that after buying a game from Ubisoft he became aware that its “Uplay” browser plug-in might prove problematic. In the early hours of this morning Ormandy confirmed that the add-on allows remote and “wide access” to machines running the DRM, potentially giving malicious attackers free reign to wreak havoc. Digital Rights Management (DRM) software is seen as an essential part of life for many games developers. It allows them to control who and who cannot copy, install and otherwise operate their software, usually for the purposes of piracy control. But all too often DRM hits the headlines when it either fails to do its job or generates unintended side-effects that cause headaches for legitimate users. Today could be the start of a very big headache indeed for Ubisoft and people who have purchased the company’s games. According to hacker/researcher Tavis Ormandy, the Uplay DRM system designed and operated by Ubisoft could be opening up the company’s customers’ machines to a whole world of hurt. “While on vacation recently I bought a video game called ‘Assassin’s Creed Revelations’. I didn’t have much of a chance to play it, but it seems fun so far,” Ormandy wrote on the Full Disclosure mailing list yesterday. “However, I noticed the installation procedure creates a browser plugin for its accompanying Uplay launcher, which grants unexpectedly (at least to me) wide access to websites. I don’t know if it’s by design, but I thought I’d mention it here in case someone else wants to look into it.” Just 24 hours later Ormandy was back with a worrying update. “I got it working,” he wrote. “I submitted it to Ubisoft via the online form.” What Ormandy appears to be suggesting is that once hackers understand how this vulnerability works, websites could incorporate an exploit into their designs which could then allow them to gain access to a Ubisoft game-player’s PC. The sky’s the limit with this kind of opening – software installs, keyloggers, bots or other malware all become possible. A list of games running Uplay DRM can be found here – they include some huge names such as the Assassins Creed series, Call of Juarez: The Cartel, Driver: San Francisco, Silent Hunter 5: Battle of the Atlantic, and all the Tom Clancy games. TorrentFreak contacted Ormandy for comment and we will update this article with his comments when they come in. .
__________________
PUTIN TRUMP & Netanyahu Will Meet in HELL TRUMP WARNS; 'There'll Be a Bloodbath If I Don't Get Elected' PLEASE HELP THIS SITE..Click DONATE & Thanks to ALL Members of ... 1.. THIS SITE IS MORE THAN JUST WAREZ...& TO STOP SPAM-IF YOU WANT TO POST, YOUR FIRST POST MUST BE IN WELCOMES |
Currently Active Users Viewing This Thread: 2 (0 members and 2 guests) | |
Thread Tools | |
Display Modes | |
|
|