New Warden in Town

For those of you who missed it – a good while back, Blizzard made the news in a hard way when consumers learned that the gaming company had included a sneaky bit of anti-cheating software in the World of Warcraft client. The software is called “Warden” and has been around for some time busting punks and catching cheaters in Blizzard’s Battlenet service. One of the lesser-known features of patch 2.3 is a newer and much stronger version of the Warden. It is believed that this new version is significantly more powerful in its pursuit of those trying to exploit the game’s Terms of Service.

At first blush, this seems pretty reasonable. No one likes competing against botters and gold-pharmers for in-game resources. Nor do they like the impact that these actions can have on server economies. For that matter, it’s safe to say that the average gamer is even less thrilled about keyloggers and trojans, both of which can be used to hijack an account, leaving the toons inside naked and penniless. If the Warden is there to protect us from the predations of tools like these – then more power to it, right?

Maybe, maybe not. According to the Electronic Frontier Foundation, Warden is technically spyware…spyware that runs on our home computer and dutifully reports our activities back to the Blizzard mothership. Creepy but not necessarily evil? I mean after all, Blizzard is just trying to keep the playing field level for the actual gamerz while providing no safe haven for professional cheaters, hackers, and gold/level pharmers. According to folks at Blizzard – that’s exactly the letter and spirit of their intent.

Despite this, there is an increasing number of folks who are up in arms about the Warden and markedly unhappy that the tool has taken up residence on their hard drives. They claim that not only is the Warden able to comb through virtually all parts of your computer – but that its findings are often arbitrary and have been the cause of unjust bannings and account closures.

While it’s hard to measure the veracity of these claims, it is clear that the Warden has a great deal of power. Greg Hoglund, a security expert and author, has spent a fair amount of time looking at what Warden does while it runs in the background of our game. According to Hoglund’s blog, the Warden runs about every 15 seconds while we play and does a number of things including:

  • Reads information from the World of Warcraft Application and all of the dynamically linked code libraries that make it up
  • Grabs the “window text” from the titlebar of every open application window…including applications that have nothing to do with WoW
  • Through these open applications Warden was able to sniff through the e-mail addresses of contacts in chat clients, pull the URLs of open websites and the names of all of his running applications – even the ones in his toolbar

According to Hoglund, the application then compares this information to built-in “libraries” of “bannable data.” Simply put – if something you’re running is actively against the terms of service (such as a botting application like WoW-Glide) then that fact is zipped off to Blizzard, who can then immediately flag your account for investigation or closure. This is a careful distinction. No personal information of yours is technically passed to Blizzard; instead, they simply look at what’s going on in your system and then compare it against a list of things they think are suspect. If Warden finds a match – he calls home and tells mom about it. This allows Warden to be quite invasive in its exploration of our running processes – without technically telling anyone at Blizzard how much money is in our Quicken Checking Account.

“So what?” one might say, “I don’t bot, I don’t buy gold, and no one else has access to my account – so I have nothing to worry about.” In a sense, this is true, it’s easy to not fear a tool like the Warden when you game with the righteous. But what happens if you inadvertently surfed to a gold selling website and didn’t think to close the window before launching WoW? When Warden runs does it know the difference between someone buying gold and someone who’s just browsing? Does Blizzard care? The problem is that no one outside of Blizzard knows what the rules are when it comes to account banning or closure and thus it’s truly impossible to know how a certain action might be looked at.
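A minimal sketch of the match-and-report model described in the two paragraphs above, added here as an illustration; it is not Warden's code or Hoglund's. The hashed keyword list, rule ids and window titles are all constructed assumptions, and the page does not say how the real "libraries" are stored.

```python
import hashlib
import re


def digest(token: str) -> str:
    """SHA-256 of one lowercased title token."""
    return hashlib.sha256(token.encode("utf-8")).hexdigest()


# Constructed rule list with hypothetical keywords. In this sketch only the
# digests ship to the client, so a player cannot read the rules off disk.
RULES = {digest("examplebot"): 1, digest("cheapgold"): 2}


def scan(window_titles):
    """Read every title, return only the ids of the rules that matched."""
    hits = set()
    for title in window_titles:
        for token in re.findall(r"[a-z0-9]+", title.lower()):
            rule_id = RULES.get(digest(token))
            if rule_id is not None:
                hits.add(rule_id)
    return sorted(hits)


def report(window_titles):
    """What leaves the machine: rule ids, never the titles themselves."""
    return {"matched_rules": scan(window_titles)}


# Constructed desktops. All titles are inspected, including the mail client.
BOT_USER = ["World of Warcraft", "ExampleBot v1.2 - running"]
BROWSING = ["World of Warcraft", "CheapGold - prices - Mozilla Firefox",
            "Inbox (3) - alice@example.org"]
CLEAN = ["World of Warcraft", "Inbox (3) - alice@example.org"]

if __name__ == "__main__":
    for name, desktop in (("bot user", BOT_USER), ("browsing", BROWSING),
                          ("clean", CLEAN)):
        print(name, report(desktop))
```

The browsing desktop produces a report of the same shape as the bot user's: a bare rule id with no context about why the title matched. Telling the two apart is left to whoever reads the report.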

To the truly paranoid this is on par with allowing police the ability to search your home at any time – with no search warrant – and then being subject to prosecution for offenses that only they know exist. Regardless of how you might feel about gold pharming or botting – there is a certain atavistic fear involved with someone that can invade your privacy at any time and report on your actions. Blizzard claims to only want to protect their game and their business (as well as your in-game experience) from the predations of those that would exploit it. This is understandable – reasonable even. But every WoW player signs away a small (or large depending upon how you look at it) bit of their privacy when they accept the Terms of Service for the game, without really understanding what’s living on their hard drive.

As of 2.3 – there is a new wrinkle. Not only do we have the toughest, meanest, most ruthless version of the Warden resident on our computers, but he now speaks a language that only Blizzard can understand. That’s right – the output from the new Warden is now completely encrypted. In the past, a number of bloggers and gamers supported Blizzard’s use of Warden because the results of the application rumbling around their hard drive could be monitored by other applications or tracked by a good firewall. This is no longer the case. While the Warden may be as benign as ever to the honest WoW player, the fact remains that what he does on our systems is now completely obfuscated from even the most technical. While most of us will continue to play World of Warcraft – the fact remains that the application now resident in the guts of our game is one that monitors our actions and speaks in tongues. The results of these incomprehensible conversations have great power over our ability to play the game. Yet none of us know the rules it judges our worthiness by – or when it might find us wanting.

This latest action by Blizzard takes some of the luster off of what I believe to be an exemplary patch to the game. Now I don’t personally believe that Blizzard is mining my personal information or communicating my bank balance and shopping preferences to Blizzard. But the fact remains that I don’t appreciate that the functions of the tool are no longer transparent. Only time will tell how effective the new watch-dog program will be. Can it bring an end to the corruption of WoW economies by gold sales? Can it protect players from those that would compromise their accounts and steal the fruit of their in-game labors (or worse – their credit card numbers and account passwords?) Will it be a fair arbiter of justice? Or will we begin to see innocent people get their accounts banned because they surfed the wrong web-page, communicated with the wrong people in IM or received SPAM e-mail from known gold sellers?

While I don’t have a single tin-foil hat in my closet, I can’t help but feel a bit creeped out about all I’ve learned. I know from now on, when I play – I’ll close everything but the game itself. This in itself is a bit of a drag on my in-game experience since I’m used to having Firefox open (with about a million tabs) and my mail and chat clients all open. As a Mac user it’s easy enough to run WoW in a window and keep up with the rest of my online life at the same time. But like having to maintain some kind of half-understood systema or to maintain command information security, I’m now feeling pressured to mitigate how I enjoy the game – because I just don’t know what it might say about me while I play.