blizzard

Flash Vulnerability for World of Warcraft

May 29, 2008 By Gitr 1 Comment

Blizzard is announcing via WorldofWarcraft.com site and the in-game login screen that there is a security vulnerability in some versions of Flash that affects WoW users. The upgrade was pretty quick and easy, so if you have administrator permissions, go ahead and get this taken care of before you join the thousands of hacked accounts. Here is the official word from Blizz:

A recent vulnerability has been discovered in popular web-content delivery program Adobe Flash, and it could potentially be used to target World of Warcraft players and accounts. The newest available version of Adobe Flash, version 9.0.124.0, does not contain this vulnerability, and we recommend that everyone upgrade their Flash player as soon as possible by visiting the Adobe.com download page at the link below.

http://www.adobe.com/shockwave/…

In addition, to avoid exploitation of this vulnerability, we have temporarily disabled the ability to post hyperlinks in our forums. Any links will need to be copied and pasted into a browser. We’ll continue to evaluate any potential security threats and take any steps necessary to ensure a safe and fun environment.

For more information on this issue, you can read the announcements from the Adobe security team concerning the threat at the links below.

http://blogs.adobe.com/psirt/2008/05/potential_flash_player_issue.html
http://blogs.adobe.com/psirt/2008/05/potential_flash_player_issue_u_1.html

Go upgrade and play safe.

Patches Are Creating Stupid-Easy Mode

May 12, 2008 By Gitr 8 Comments

Blizzard is making the game too easy. Sure, I see why they are doing it: there are fewer and fewer people playing in the Old World to make it easy to group up and complete Elite quests. Now that you know I know why, I’m going to complain about it anyway to make a broader point.

Remember those Elite kill quests in Winterspring? The bear, Ursius; Chimera, Brumeran; and that ever-so-hard cat, Shy-Rotam? Man, those were benchmarks of greatness! If you could take those on as like-level or below, you were the bomb!

Those benchmarks are no longer cool, because Patch 2.3 removed the l33tness from them. Ursius is just a big bear, and he’s not the only mob that’s been neutered. I’ve noticed things being easier than before and it just wasn’t clicking that they are no longer Elite.

So what the heck are we supposed to do for benchmarking our abilities? I can kill things 4-5 levels higher than me right now, but how would I stack up against the great Ursius?

I’ll never know.

What former Elite mobs are leaving you with a big let-down when you go after them?

Starting Over at 60 (or 58)

February 25, 2008 By Archsooner 5 Comments

Does anyone else have the feeling that anything other then questing is a waste of time between the levels 50 to 60?

Prior to BC coming out, BlackrockDepths was one of my favorite instances. The drops were awesome and the battles challenging. I didn’t raid much prior to BC, actually only a few trips into UBRS, but I did get some decent gear. My point in all of this is: “why doesn’t Blizzard do something to make these instances worth going to again?” What’s the point of defeating Emperor Dagran Thaurissan when the first green you get in Outlands will replace it? The same goes for any of the bosses in UBRS which you need a ten-man raid to even do. I know on my server it is impossible to find a raid going to any of the old raid instances (I did go to AQ 20 with 14 70s one time but that was a looong time ago and everyone I went with was either bored or had never been like me and wanted to see it).

In my opinion, Blizzard spent a lot of money back in the day to make these level 60 raid dungeons such great places to go so why not upgrade the loot so that an epic from Ragnaros does more then the first blue you get in Hellfire Ramparts? I just know from my own experience that it took a lot of joy out of running BRD 10 times to get the Foreman’s Head Protector from Fineous when the very first green in Outlands that dropped for me had better stats. BRD may be a bad example since the XP is decent although I know I can level faster just completeing the quest solo but what about the raids???

Is it only me, or would other people enjoy going back and doing these instances or if you’re like me… seeing them for the first time? Do you think Blizzard should upgrade the loot prior to outlands to make it more compatible with the loot you get there? Should a lvl 58 blue really be put to shame by a lvl 58 green just because one came from Outlands and the other from UBRS or Scholo? Just wanted to get everyone else’s opinions.

Introducing BlizzCast – The Blizzard Podcast

January 10, 2008 By Gitr 2 Comments

BlizzCast player Blizzard has joined the rest of the community with their very own podcast today! The first episode features Samwise Didier, their Art Director and concept artist. They discuss what he loves about Warcraft and Starcraft. It’s a great listen and I look forward to many more episodes. Down with WoWpodcast, long live BlizzCast.

Check out the transcript if you are on a lame connection or download the 24MB mp3 file.

You can subscribe to the feed by clicking this link and, as always, please subscribe to our feed to make sure you don’t miss any of our articles.

Broken Game Dynamic: Mobs Don’t Suffer Spell Interrupts

November 21, 2007 By Gitr 7 Comments

We’ve all been there: you are taking a beating from [insert number and name of mob(s) of choice] and you just need to get one more spell off. It might be a healing spell or that finishing fireball. Doesn’t matter, because it’s not going to happen because of that frustrating game dynamic – spell interrupt. The rest of this read comes down to this: I don’t see a player-to-mob spell interrupt in combat from melee or ranged or spell damage alone. When I get hit, my spell casting is interrupted, but I don’t see that happening to the stuff I whack, shoot, or burn/freeze, do you? Maybe it’s there, but all I see is a casting bar running along at a pretty nice, steady clip with full fury blazing on Gitr, Rapid Fire on Huntr, and more.

I’ve played nearly every class in the game, and the only classes that I didn’t experience a problem with interrupt were my warrior and mere level 24 rogue. Certain classes have talents and trainable skills that allow you to avoid interruption, at least for a certain amount of time, sometimes with a severe cooldown. A 5-30 minute stun ability doesn’t do crap for leveling, now does it?

Why is it that no matter what you’re going up against, outside of PvP, it is not deterred by dozens of slashes with daggers, 50% health-sapping spells, or a steady spell like Mind Flay? It is an unfair advantage that mobs have. Can you imagine how heroic you would be if you could take on 8 mobs at once and then heal yourself as a druid or paladin? What about those times you need to Scare Beast when your pet loses aggro and is about to go down? Heaven forbid you just put up a bubble as a priest and got whacked by something that cleared its entire absorption limit. Good night, fair priest.

It was just yesterday that I came across a perfect time when it would have been nice to have a tit-for-tat interruption. Paladr, my level 47 tankadin was in Feralas going after the 10 Gordunni Shaman when he purposefully aggroed 2 of them and accidentally invited 2 more. What do we have here? Four like-level mobs with 1/2 melee, 1/2 spell damage, healing abilities, and mana equal to me… per mob. Great! Now I have to beat my way through over 8k HP and 8k mana with only a 2k mana pool.

Every time I wanted to stop one of them from healing, I’d use up my 1 minute stun ability because I had to keep Seal of Light up for self-healing. I could leave Seal of Justice up to stun them periodically if it was possible to heal myself – oh yeah – I get interrupted, even with Aura of Concentration up. None of them were dissuaded from casting a heal on each other or themselves despite standing on Consecrated ground and hitting them with an epic mace. Even with Aura of Retribution up they will still cast their spell in 2 seconds flat.

At the least, casters should be able to interrupt mobs with spells to make it a strategy game to use faster spells to interrupt them, no differently than you do in PvP.

That takes us all the way to contemplating why PvE isn’t treated the same as PvP in this game dynamic. I understand not having player collision, but this difference doesn’t make any sense to this gamer. I also get that this would dramatically change the nature of leveling, especially grinding. There are mobs that get ignored more than others because of the certain spells they cast, and others that get targeted, and I daresay over-camped, because of a lack of spells to fight through, especially heals and stuns. Oh, the dreaded mana drain… don’t get me started on that…

What do you say? Is there server-side interruption on mobs and I’m just not seeing it? I don’t see any downsides to having it be a fair exchange of weakness to place that dynamic on NPC casters.

New Warden in Town

November 15, 2007 By Growl 4 Comments

For those of you that missed it – a good while back, Blizzard made the news in a hard way when consumers learned that the gaming company had included a sneaky bit of anti-cheating software into the World of Warcraft client. The software is called “Warden” and has been around for some time busting punks and catching cheaters in Blizzard’s Battlenet service. One of the less known features of patch 2.3 is a newer and much stronger version of the Warden. It is believed that this new version is significantly more powerful in its pursuit of those trying to exploit the games Terms of Service.

At first blush, this seems pretty reasonable. No one likes competing against botters and gold-pharmers for in game resources . Nor do they like the impact that these actions can have on server economies. For that matter it’s safe to say that the average gamer is even less thrilled about keyloggers and trojans, both of which can be used to hijack an account leaving the toons inside naked and penniless. If the Warden is there to protect us from the predations of tools like these – then more power to it right?

Maybe, maybe not. According to the Electronic Frontier Foundation, Warden is technically spyware…spyware that runs on our home computer and dutifully reports our activities back to the Blizzard mothership. Creepy but not necessarily evil? I mean after all, Blizzard is just trying to keep the playing field level for the actual gamerz while providing no safe haven for professional cheaters, hackers, and gold/level pharmers. According to folks at Blizzard – that’s exactly the letter and spirit of their intent.

Despite this, there are an increasing number of folks who are up in arms about the Warden and markedly unhappy that the tool has taken up residence on their hard-drives. They claim that not only is the Warden able to comb through virtually all parts of your computer – but that its findings are often arbitrary and have been the cause of unjust bannings and account closures.

While it’s hard to measure the veracity of these claims, it is clear that the Warden has a great deal of power. Greg Hoglund, a security expert and author has spent a fair amount of time looking at what Warden does while it runs in the background of our game. According to Hoglund’s Blog, the Warden runs about every 15 seconds while we play and does a number of things including:

Reads information from the World of Warcraft Application and all of the dynamically linked code libraries that make it up
Grabs the “window text” from the titlebar of every open application window…including applications that have nothing to do with WoW
Through these open applications Warden was able to sniff through the e-mail addresses of contacts in chat clients, pull the URL’s of open websites and the names of all of his running applications – even the ones in his toolbar

According to Hoglund, the application then compares this information to built in “libraries” of “bannable data.” Simply put – if something you’re running is actively against the terms of service (such as a botting application like WoW-Glide) then that fact is zipped off to Blizzard who can then immediately flag your account for investigation or closure. This is a careful difference. No personal information of yours is technically passed to Blizzard, instead, they simply look at what’s going on in your system and then compare it against a list of things they think are suspect. If Warden finds a match – he calls home and tells mom about it. This allows Warden to be quite invasive in its exploration of our running processes – without technically telling anyone at Blizzard how much money is in our Quicken Checking Account.

“So what?” one might say, “I don’t bot, I don’t buy gold, and no one else has access to my account – so I have nothing to worry about.” In a sense, this is true, it’s easy to not fear a tool like the Warden when you game with the righteous. But what happens if you inadvertently surfed to a gold selling website and didn’t think to close the window before launching WoW? When Warden runs does it know the difference between someone buying gold and someone who’s just browsing? Does Blizzard care? The problem is that no one outside of Blizzard knows what the rules are when it comes to account banning or closure and thus it’s truly impossible to know how a certain action might be looked at.

To the truly paranoid this is on par with allowing police the ability to search your home at any time – with no search warrant – and then being subject to prosecution for offenses that only they know exist. Regardless of how you might feel about gold pharming or botting – there is a certain atavistic fear involved with someone that can invade your privacy at any time and report on your actions. Blizzard claims to only want to protect their game and their business (as well as your in game experience) from the predations of those that would exploit it. This is understandable – reasonable even. But every WoW player signs away a small (or large depending upon how you look at it) bit of their privacy when they accept the Terms of Service for the game, without really understanding what’s living on their hard-drive.

As of 2.3 – there is a new wrinkle. Not only do we have the toughest, meanest, most ruthless version of the Warden resident on our computers, but he now speaks a language that only Blizzard can understand. That’s right – the output from the new Warden is now completely encrypted. In the past, a number of bloggers and gamers supported Blizzard’s use of Warden because the results of the application rumbling around their hard-drive could be monitored by other applications or tracked by a good firewall. This is no longer the case. While the Warden may be as benign as ever to the honest WoW player, the fact remains that what he does on our systems is now completely obfuscated from even the most technical. While most of us will continue to play World of Warcraft – the fact remains that the application now resident in the guts of our game is one that monitors our actions and speaks in tongues. The results of these incomprehensible conversations have great power over our ability to play the game. Yet none of us know the rules it judges our worthiness by – or when it might find us wanting.

This latest action by Blizzard takes some of the luster off of what I believe to be an exemplary patch to the game. Now I don’t personally believe that Blizzard is mining my personal information or communicating my bank balance and shopping preferences to Blizzard. But the fact remains that I don’t appreciate that the functions of the tool are no longer transparent. Only time will tell how effective the new watch-dog program will be. Can it bring an end to the corruption of WoW economies by gold sales? Can it protect players from those that would compromise their accounts and steal the fruit of their in-game labors (or worse – their credit card numbers and account passwords?) Will it be a fair arbiter of justice? Or will we begin to see innocent people get their accounts banned because they surfed the wrong web-page, communicated with the wrong people in IM or received SPAM e-mail from known gold sellers?

While I don’t have a single tin-foil hat in my closet, I can’t help but feel a bit creeped out about all I’ve learned. I know from now on, when I play – I’ll close everything but the game itself. This in itself is a bit of a drag on my in game experience since I’m used to having FireFox open (with about a million tabs) and my mail and chat clients all open. As a mac user it’s easy enough to run WoW in a window and keep up with the rest of my online life at the same time. But like having to maintain some kind of half understood systema or to maintain command information security, I’m now feeling pressured to mitigate how I enjoy the game – because I just don’t know what it might say about me while I play.