batto 17 Posted July 30, 2012 Hello customers of Ubisoft. Does following link open calculator for you? http://pastehtml.com/view/c6gxl1a79.html If yes, you're screwed because you supported DRM: http://seclists.org/fulldisclosure/2012/Jul/375 Share this post Link to post Share on other sites
BasileyOne 10 Posted July 31, 2012 https://news.ycombinator.com/item?id=4311264 also slashdotted http://games.slashdot.org/story/12/07/30/1214206/ubisoft-uplay-drm-found-to-include-a-rootkit Share this post Link to post Share on other sites
Placebo 28 Posted August 1, 2012 Kaspersky wouldn't allow me to visit the link ;) Share this post Link to post Share on other sites
MissileMoose 10 Posted August 1, 2012 Kaspersky wouldn't allow me to visit the link ;) It did the exact same with me, fantastic anti-virus/internet security. Eugene Kaspersky's son, Ivan was kidnapped in Russia and held for ransom a while back. I heard reports that he paid it outright, conflicting reports that he was rescued in a raid though. I wouldn't be supprised, since he's a billionaire. Off-topic I know, just a little food for though Placebo. Back on topic to Ubisoft and I'm quite surprised at how quickly they "fixed" the issue. I have a slight feeling that they knew about the security issue and possible even coded it in on purpose for whatever reason, if that isn't the case then I would suggest they increase the amount of testing prior to releasing software. Anyway I highly doubt it anything more will be reported. Share this post Link to post Share on other sites
batto 17 Posted August 1, 2012 Kaspersky wouldn't allow me to visit the link ;) It did the exact same with me, fantastic anti-virus/internet security. Are you sure that it would do the same two days ago ;) ? Back on topic to Ubisoft and I'm quite surprised at how quickly they "fixed" the issue. Still, long time has passed since Uplay was released and the good guy found and disclosed the hole. Damage has been done. If yes, you're screwed because you supported DRM ... and crappy dumbed down console ports. Share this post Link to post Share on other sites
Placebo 28 Posted August 1, 2012 It did the exact same with me, fantastic anti-virus/internet security. Eugene Kaspersky's son, Ivan was kidnapped in Russia and held for ransom a while back. I heard reports that he paid it outright, conflicting reports that he was rescued in a raid though. I wouldn't be supprised, since he's a billionaire. Off-topic I know, just a little food for though Placebo. That's rough, you'd think that being super rich in a super risky locale they'd hire decent security. Are you sure that it would do the same two days ago ;) ? Good question, I got a browser warning and a warning from Kaspersky itself, pretty sure it hadn't updated in the last two days so it's possible ;) Share this post Link to post Share on other sites
MissileMoose 10 Posted August 1, 2012 Still, long time has passed since Uplay was released and the good guy found and disclosed the hole. Damage has been done. That's true but I was referring to the time since the security flaw was recognized and reported by the likes of RockPaperShotgun and PCGamer. :) Share this post Link to post Share on other sites
krycek 349 Posted August 1, 2012 (edited) I would like to say that because their retarded insane drm policy they caused lots of troubles for legit customers.Which frankly leads me to the next conclusion to this whole new mess: Edited August 1, 2012 by Krycek Share this post Link to post Share on other sites
Sniperwolf572 758 Posted August 6, 2012 (edited) Back on topic to Ubisoft and I'm quite surprised at how quickly they "fixed" the issue. I have a slight feeling that they knew about the security issue and possible even coded it in on purpose for whatever reason, if that isn't the case then I would suggest they increase the amount of testing prior to releasing software. Anyway I highly doubt it anything more will be reported. Shitty and shifty as Uplay is, it's funny how conspiracy theories are formed over even the stupidest things. What happened is that the browser plugin was naively coded and a developer at Ubi thought "Yup, Base64, nobody will ever break that!" and nobody noticed it. No amount of regular QA testing would've caught this, because, the feature it was made for worked as expected. Unless of course they have QA that focuses on security issues like this. What would've probably caught it in a blink of an eye is a peer review of the code written from someone who understands the implications of not filtering any user input. To put it in perspective, imagine one day we find out that '[] exec "Y2FsYy5leGU=";' allowed you to launch the calculator from the editor. Now, would you blame BI QA for not catching that? I know I wouldn't, but I also wouldn't like to be one of the guys whose name is on the commits relating to that hole. Edited August 7, 2012 by Sniperwolf572 Share this post Link to post Share on other sites
batto 17 Posted August 6, 2012 (edited) Shitty and shifty as Uplay is, it's funny how conspiracy theories are formed over even the stupidest things. What happened is that the browser plugin was naively coded and a developer at Ubi thought "Yup, Base64, nobody will ever break that!" and nobody noticed it. No amount of regular QA testing would've caught this, because, the feature it was made for worked as expected. Unless of course they have QA that focuses on security issues like this. What would've probably caught it in a blink of an eye is a peer review of the code written from someone who understands the implications of not filtering any user input. The stupid thing is that their browser plugin allow execution of local programs from JavaScript (eg. from anywhere). If they are TAHT stupid (as in "why on earth are such people allowed to code?") to think that no one will notice it from base64 (very easy to recognise) argument to option that is named orbit_exe_path, then, well, there'll be probably much more going on in the wild =). Edited August 7, 2012 by batto Share this post Link to post Share on other sites
rangerpl 13 Posted August 7, 2012 Chrome opened the link but didn't open Calculator. Good on you, Chrome. Share this post Link to post Share on other sites