ROOTKIT
Keep it stealth and keep it alive
Saturday July 31st
KEEPING BLIZZARD HONEST - Announcing the release of 'The Governor'

The Governor sniffs Warden activity

By: hoglund

Blizzard, a subsidiary of Vivendi, builds and markets the popular computer game known as World of Warcraft, which claims more than 4.5 million players worldwide. Unknown to most players is the fact that World of Warcraft includes an embedded spyware (ref: is warden spyware?) program which indiscriminately reads data from all open windows and processes on the user's computer. The purpose of the warden is to verify compliance with the EULA and TOS. While many welcome the warden as a means to catch cheaters who use 3rd party 'botting' programs, many others may find this a violation of privacy.

The fact is that the warden client reads information from other processes on the computer. Regardless of the reasons, this technically counts as 'spying' on a user. So, reasons aside, the term 'spyware' is fitting.

Rather than debate the morality of this behavior, I would like to give the consumers the power to make this decision for themselves. I am releasing a program called 'The Governor'. The Governor is very simple - it watches the activities of World of Warcraft, and clearly reports which data is being read from other processes. The Governor makes no attempt to subvert or alter the behavior of the warden client, or World of Warcraft. The Governor will not assist you in cheating. The Governor exists for one reason, to tell you the truth.

Here is the governor, released with FULL SOURCE. There are no secrets or tricks. See the warden in action for yourself:

http://www.rootkit.com/vault/hoglund/Governor.rar

and, as a ZIP file,

http://www.rootkit.com/vault/hoglund/Governor.zip

In the screenshot, you can see World of Warcraft reading memory from the processes running on my computer.

Absolutely no reverse engineering is required to make the Governor work. The Governor monitors fully documented API calls which are offered by the Microsoft Windows operating system. To monitor these API calls, the Governor uses a documented library called 'Detours', which is available from Microsoft.

Will Blizzard ban me if I use The Governor?

I have personally been running The Governor on a test account and there have been no problems. The Governor does not modify the behavior of WoW.EXE or the warden. The Governor is not designed to assist cheaters, and offers no mechanism to help cheaters hide their programs.

But, that being said, Blizzard can choose to ban you for using a 3rd party program. The Governor is a 3rd party program. While the Governor poses absolutely no threat from a cheating aspect, it does expose the behavior of their warden client. In my opinion, banning people for seeking the truth about warden would sink Blizzard to a new all-time low. But, this isn't my decision. I cannot guarantee you won't be banned.

AN OPEN MESSAGE TO BLIZZARD
Blizzard, it is within your right to attempt to make your computer game the way you wish it to be, and to attempt to catch cheaters. But, reading the memory of other processes and windows that are not part of the World of Warcraft game client is a violation of privacy. Making a violation of privacy legal in your EULA and TOS does not make it also moral. It remains a violation of privacy. Please refactor your policy in regards to scanning memory, and limit the warden to integrity checking of the game client's memory space, and please stop opening other processes and reading windows that do not belong to you.

-Greg Hoglund
