Video Game SecurityVideo Game Security

Brett CobbsBrett Cobbs

Matthew BoquistMatthew Boquist

ONLINE VIDEO GAMESONLINE VIDEO GAMES

controlled a majority of the computer controlled a majority of the computer world for sometime now and have world for sometime now and have never stopped growing never stopped growing

Gaming has always and remains a Gaming has always and remains a prime drive of the personal computer prime drive of the personal computer market market

In the past ten years it has grown as In the past ten years it has grown as quickly as the internet and is in quickly as the internet and is in hundred of millions of peoples homes hundred of millions of peoples homes

MMORPGMMORPG

There are many types of genres for video There are many types of genres for video games but the biggest and most security games but the biggest and most security sensitive is the MMORPG (Massive Multi sensitive is the MMORPG (Massive Multi Online Role Playing Game). Online Role Playing Game).

A massively multiplayer online role-playing A massively multiplayer online role-playing game is a genre of computer role-playing game is a genre of computer role-playing games (CRPGs) in which a large number of games (CRPGs) in which a large number of players interact with one another in a players interact with one another in a virtual world virtual world

GREATEST OF MMORPGSGREATEST OF MMORPGS

The most popular of this type of video game The most popular of this type of video game is WoW (World of Warcraft) is WoW (World of Warcraft)

At the current time there are around 11 At the current time there are around 11 million subscribers to the game that pay a million subscribers to the game that pay a monthly fee of $14 a month to play the game. monthly fee of $14 a month to play the game. That is a ridiculous $154 million dollars a That is a ridiculous $154 million dollars a month that Blizzard entertainment is making. month that Blizzard entertainment is making.

This concentration of money and players is a This concentration of money and players is a spawning pool for hackers, cheaters, and spawning pool for hackers, cheaters, and criminals that will do anything to take criminals that will do anything to take advantage of the game and even make a advantage of the game and even make a living out of it. living out of it.

GAME MONEY = REAL GAME MONEY = REAL MONEY?MONEY?

In WoW and many online mmorpgs there is an in In WoW and many online mmorpgs there is an in game virtual economy that is in effect, in which game virtual economy that is in effect, in which players find items, sell items and, level up players find items, sell items and, level up characters. characters.

Can sell their characters or items through third Can sell their characters or items through third party programs(A Middle Market)party programs(A Middle Market)

IGE is the largest company in this middle market IGE is the largest company in this middle market netting $400 million per year by acting as the netting $400 million per year by acting as the real-world “middle man” for virtual goods. real-world “middle man” for virtual goods.

Entire industries of sweatshops with hundreds of Entire industries of sweatshops with hundreds of thousands of workers in China now exist to do thousands of workers in China now exist to do just this. just this.

TYPE OF GAME EXPLOITSTYPE OF GAME EXPLOITS

BOTTINGBOTTING DUPINGDUPING AIM BOTTINGAIM BOTTING

sometimes called "auto-aiming", is software sometimes called "auto-aiming", is software that assists the player in aiming at the target. that assists the player in aiming at the target.

WALL HACKINGWALL HACKING Wall hacking involves changing of wall Wall hacking involves changing of wall

properties in first-person shooters. properties in first-person shooters. MAP HACKMAP HACK

is a cheat that enables the player to see more is a cheat that enables the player to see more of the map than the game intends them to see. of the map than the game intends them to see.

WALL HACKWALL HACK

WALL HACKINGWALL HACKING Wall hacking Wall hacking

involves changing involves changing of wall properties in of wall properties in first-person first-person shooters. shooters.

MAPHACKMAPHACK

MAPHACKMAPHACK is a cheat that is a cheat that

enables the player enables the player to see more of the to see more of the map than the game map than the game intends them to intends them to see. see.

AIMBOTAIMBOT

AIMBOTTINGAIMBOTTING sometimes called sometimes called

"auto-aiming", is "auto-aiming", is software that software that assists the player in assists the player in aiming at the aiming at the target. target.

BOTSBOTS

A bot is a player who A bot is a player who runs a third party runs a third party program to control program to control their character. their character.

The bot will kill The bot will kill monsters, loot money, monsters, loot money, mine, or gain levels mine, or gain levels automatically without automatically without the player having to the player having to be in front of the be in front of the computer. computer.

DUPINGDUPING

Duping refers to the Duping refers to the practice of exploiting a bug practice of exploiting a bug in a video game to in a video game to illegitimately create illegitimately create duplicates of unique items duplicates of unique items or currency or currency

Currency dupes cause Currency dupes cause inflation and cause the inflation and cause the item to lose value item to lose value

This can create a great This can create a great problem in the games problem in the games economy and even with economy and even with real money selling,real money selling, Not sure if real or dupeNot sure if real or dupe

http://www.youtube.com/watch?v=x50b-_feO6A&feature=related

Solving These Security Solving These Security IssuesIssues

admins/moderators admins/moderators In game playere take care of many of the In game playere take care of many of the

problems in the game problems in the game power to ban accountspower to ban accounts

PatchesPatches fix and exploits or bugs in the gamefix and exploits or bugs in the game

Third Party ProgramsThird Party Programs create a secure environment for their gamecreate a secure environment for their game Example: nProtect Game Guard Example: nProtect Game Guard

PiratingPirating

The act of downloading The act of downloading or stealing a game or stealing a game without paying for it.without paying for it.

Major Security Major Security IssueIssue

Severe loss of Severe loss of fundingfunding Future GamesFuture Games Why make any Why make any

more?more?

Anyone could be a pirate…Anyone could be a pirate…

Mr. Burmester is not a pirate… as far as we know

Why pirate games?Why pirate games?

A Known Pirate’s Response!A Known Pirate’s Response!• ““Why not just buy your games to Why not just buy your games to

support the company?” - Mattsupport the company?” - Matt• ““I go to college man, that’s I go to college man, that’s

expensive, and video games are all expensive, and video games are all fifty to sixty dollars. I still buy games fifty to sixty dollars. I still buy games when I know they will be good, but when I know they will be good, but most of the new video games are not most of the new video games are not worth thirty dollars.” worth thirty dollars.” – Anonymous FSU StudentAnonymous FSU Student

Cliff Harris, owner of Positech Cliff Harris, owner of Positech GamesGames

Harris asked why Harris asked why people pirated his people pirated his games?games? MoneyMoney Strong dislike of Strong dislike of

Digital Rights Digital Rights Management locks Management locks (SecuROM)(SecuROM)

Unknown qualityUnknown quality

The Designers Strike Back!The Designers Strike Back! Class-action Class-action

lawsuitslawsuits More, and More, and

stricter stricter SecuROMSecuROM

Honest customer suffer, pirates Honest customer suffer, pirates laughlaugh

SecuROM had the SecuROM had the opposite effect that opposite effect that companies wanted.companies wanted.

Man in Pennsylvania Man in Pennsylvania files class action files class action lawsuit against EA for lawsuit against EA for installing files not installing files not mentioned in his mentioned in his installation manual or installation manual or End User License End User License Agreement.Agreement.

How far is too far?How far is too far? Should companies Should companies

have the right to have the right to install unwanted, install unwanted, additional software additional software on our machines?on our machines?

Are the machines Are the machines resources not the resources not the customer’s?customer’s?

Why so hard to Why so hard to remove?remove?

SecuROM causing more people SecuROM causing more people to pirate?to pirate?

SporeSpore, a recently , a recently released EA Games released EA Games PC game, was not PC game, was not only pirated, the only pirated, the game’s SecuROM was game’s SecuROM was removed from the removed from the pirated version, and pirated version, and being downloaded being downloaded BEFORE the actual BEFORE the actual release date.release date.

Over 500,000 Over 500,000 copies of the copies of the pirated version of pirated version of Spore had been Spore had been downloaded just downloaded just days after release. days after release.

Over $13,333,333 Over $13,333,333 lossloss

The harsh SecuROMs are not The harsh SecuROMs are not causing an acceptable solution.causing an acceptable solution.• Honest customers Honest customers

suffersuffer– Unwanted software.Unwanted software.– Has been known to Has been known to

cause problems cause problems with machines.with machines.

• Developers sufferDevelopers suffer– Harsh feedback from Harsh feedback from

actual customers.actual customers.– Game still gets Game still gets

pirated, possibly pirated, possibly more so than it more so than it would have without would have without the harsh SecuROM.the harsh SecuROM.

• Pirates laugh!• They just remove the harsh SecuROM and continue to pirate the games.• Pirating becomes more acceptable to honest users to avoid the harsh SecuROM.

Acceptable Solution? Steam.Acceptable Solution? Steam.

Online video game Online video game purchase/storage purchase/storage device.device. Cheaper, no middle Cheaper, no middle

manman Easy accessEasy access Games stored to Games stored to

account, not machineaccount, not machine Light on SecuROM Light on SecuROM

since game is since game is guaranteed to be legit.guaranteed to be legit.

http://http://store.steampowered.comstore.steampowered.com//

Questions?