Sign in with
Sign up | Sign in
Your question

Ubisoft "Uplay" DRM exposed as backdoor / rootkit

Last response: in Video Games
Share
July 30, 2012 2:42:21 PM

Ubisoft "Uplay" DRM exposed as rootkit; dozens of popular games hacked

Ubisoft installs a backdoor that allows any website to take over your computer. The Sony BMG rootkit was also DRM and required product recall when it was discovered.

This is quite scary! Anyone else in toms is aware of this?

http://news.ycombinator.com/item?id=4311264

If you play one of the games below try clicking on this link (tested with Assassin's Creed on Win7 and FireFox).

http://pastehtml.com/view/c6gxl1a79.html
July 30, 2012 3:18:29 PM




It could be argued that DRM causes some piracy. I am not advocating piracy just stating the facts.

Mactronix :) 
July 30, 2012 7:24:32 PM

joseflavio said:
Ubisoft "Uplay" DRM exposed as rootkit; dozens of popular games hacked

Ubisoft installs a backdoor that allows any website to take over your computer. The Sony BMG rootkit was also DRM and required product recall when it was discovered.

This is quite scary! Anyone else in toms is aware of this?

http://news.ycombinator.com/item?id=4311264

If you play one of the games below try clicking on this link (tested with Assassin's Creed on Win7 and FireFox).

http://pastehtml.com/view/c6gxl1a79.html


Just because something is DRM and accidentally provides a backdoor into a computer allowing an unrelated rootkit to take hold, does not make Uplay a rootkit. It makes it a bad piece of software.
July 30, 2012 7:30:13 PM

Quote:
If it installs without your knowledge and isn't stated anywhere in the EULA that it will be installed, then it's a form of rootkit.

Either way, it's a security rsik.


That is literally in no way a defining part of a rootkit. That is a surreptitious piece of software, but none of that describes what a rootkit does in a way to make it exclusive from any other such piece of software.

It's a security risk, but this thread is using buzzwords inappropriately.[


"Contrary to what some parts of the web are currently screaming, this is not a rookit – it’s an exploit in a browser extension. Alas, the vast majority of folk with said browser extension will have been hitherto unaware that Uplay had installed it." to quote Stig's more reliable rockpapershotgun article.

Also, I have a couple of these titles installed and up to date, but do not have Uplay installed at all. Was it part of those additional installs that every responsible computer user disables manually on installation?
July 31, 2012 7:18:25 AM

This program could be called a rootkit because it allows the computer to run ANY ARBITRARY code that Ubi wants without asking for an installation or warning the user.

Wikipedia:
"Rootkits and their payloads have many uses:
....
* Enforcement of digital rights management (DRM).
....
"

If you install a program that allows any arbitrary code to be run by a webpage just trusting your security will be enough, you are exposing your users to a very serious security risk just to enforce your own interests.
July 31, 2012 1:17:24 PM

Only people with bad understanding of how their PC works and how to protect it would consider this "quite scary"
July 31, 2012 3:03:13 PM

^ True. That's why I deleted my post - not sure how casualcolors managed to quote it after I deleted it. Once I read it was just a browser plugin I realized that it's not a rootkit and it's easily disabled.
July 31, 2012 3:25:03 PM

You would think they would of learned, after what happened to sony.
July 31, 2012 7:25:32 PM

joseflavio said:
This program could be called a rootkit because it allows the computer to run ANY ARBITRARY code that Ubi wants without asking for an installation or warning the user.

Wikipedia:
"Rootkits and their payloads have many uses:
....
* Enforcement of digital rights management (DRM).
....
"

If you install a program that allows any arbitrary code to be run by a webpage just trusting your security will be enough, you are exposing your users to a very serious security risk just to enforce your own interests.


Nothing that you wrote designates it as a rootkit, but rather highlights that you have no idea what the word rootkit means. As already stated in this thread and by the sites acknowledging its existence, it is a browser extension that can be manipulated unintentionally. That doesn't make it a rootkit. That actually has nothing to do with whether or not it would be a "rootkit". You should probably visit a few more definitions of the term, or perhaps more fully read the partially quoted article from your post. Uplay doesn't embed itself in the root nor the main directory nor however you want to define the location depending on your OS.

You could potentially have received a rootkit-type program through Uplay if someone were to manipulate it against you and use it to install such software though. Obviously, this wasn't intentional on Ubisoft's part and in the access gained to your computer through Uplay is the result of an unintentionally exploitable portion of the software, not because it is designed to promote that function. Everyone seems to understand this except a very small minority in this thread.
!