a darkside to Punkbuster?

[-Tigger-]

Quote:

Punkbuster Anticheat privacy invasion
Saturday April 29th 2006, 5:57 pm
Filed under: Uncategorized, hacking, technology, news

Today, one of my friends sheep found out something intresting about Punkbuster. As it is well known, I am one of the admins of msxsecurity, a large game hacking site. While on our quest to develop new bypass methods, we found out something very disturbing- Punkbuster is sending personal data back to its servers. We found this by monitoring pb’s file accesses- While in the past PB would only scan for running processes, it is now actively scanning the hard drive, and looking for .txt files in certain folders. It was logged with ethereal that punkbuster actually SENT the contents of a txt file to its servers (presumably for further investigation) Now while in this case it wasnt a huge issue, as the text file was just some install data for a codec, it could have been much more serious. (Think tax information, Social securitys #’s, Finances, etc..) While the streams of “dialog” arent exactly open between myself and punkbuster, I consider this to be a huge breach of trust with the public. The fact that PB is even actively scanning text files is a huge security issue that needs to be addressed, as it isnt even scanning inside the bf2 folder, it is computer wide, and any file that becomes ‘flagged’ is uploaded to PB.

I would like to reccomend to everyone that you write PB and let them know how wrong what they are doing is. Trying to aggressively detect cheats is one thing, but scanning and uploading private files is another.

Here is a screenshot showing a passive scan while searching for a .txt file.

http://www.wkccp.com/image/uploads/1b720b69f7.jpg

Some particulary intresting EULA info

Check out the parts in bold…

————

SOFTWARE LICENSE AGREEMENT

The terms of this Software License Agreement (this “Agreement”) shall apply to all versions, editions, and future updates of PunkBuster software and constitute a legal agreement between you (the “Licensee”) and Even Balance, Inc. (the “Licensor”).

BY INSTALLING, ENABLING OR USING PUNKBUSTER SOFTWARE, THE LICENSEE IS CONSENTING TO BE BOUND BY AND IS BECOMING A PARTY TO THIS AGREEMENT. IF LICENSEE DOES NOT AGREE TO ALL OF THE TERMS OF THIS AGREEMENT, ACCEPTANCE MUST NOT BE SPECIFIED BELOW AND LICENSEE MUST NOT INSTALL OR USE THE SOFTWARE.

EVEN BALANCE, INC. RESERVES ALL RIGHTS NOT SPECIFICALLY GRANTED HEREIN.

Licensor grants Licensee a non-exclusive and non-transferable license to use PunkBuster software only for non-commercial entertainment purposes. Licensee may not disassemble, decompile, reverse engineer, redistribute (in any form), create derivative works of, or modify PunkBuster software in any way. Licensor reserves the right to terminate the license at any time and for any reason, or no reason at all, and without notice to licensee. Additionally, upon breach of any term of this Agreement, the license granted under this Agreement shall automatically terminate without any additional notice to Licensee. Upon termination of the license, Licensee shall destroy all copies of PunkBuster software in Licensee’s possession.

Licensee acknowledges that PunkBuster software is optional and is not a requirement in any respect for using or enjoying games that integrate PunkBuster software technology. Licensee also acknowledges and agrees that PunkBuster software is self-updating, which means that future updates will, from time to time and without any notice, automatically be downloaded and installed as a normal and expected function of PunkBuster software. Licensee further acknowledges and accepts that PunkBuster software may be considered invasive. Licensee understands that PunkBuster software inspects and reports information about the computer on which it is installed to other connected computers and Licensee agrees to allow PunkBuster software to inspect and report such information about the computer on which Licensee installs PunkBuster software. Licensee understands and agrees that the information that may be inspected and reported by PunkBuster software includes, but is not limited to, devices and any files residing on the hard-drive and in the memory of the computer on which PunkBuster software is installed. Further, Licensee consents to allow PunkBuster software to transfer actual screenshots taken of Licensee’s computer during the operation of PunkBuster software for possible publication. Licensee understands that the purpose and goal of PunkBuster is to ensure a cheat-free environment for all participants in online games. Licensee agrees that the invasive nature of PunkBuster software is necessary to meet this purpose and goal. Licensee agrees that any harm or lack of privacy resulting from the installation and use of PunkBuster software is not as valuable to Licensee as the potential ability to play interactive online games with the benefits afforded by using PunkBuster software.

Licensee agrees not to export or re-export into any country subject to U.S. trade sanctions or to which the U.S. has embargoed goods or to any nationals or residents of such countries unless such nationals are permanent residents of a country that is not subject either to such sanctions or embargoed goods. LICENSEE AGREES NOT TO DOWNLOAD, INSTALL, OR USE PUNKBUSTER SOFTWARE IN A COUNTRY OR LOCALE WHERE SUCH ACTION WOULD VIOLATE ANY LAW OR ORDINANCE.

This Software License Agreement shall be construed in accordance with and governed by the applicable laws of the State of Texas and applicable United States federal law. Exclusive venue for all litigation regarding this Agreement shall be in Harris County, Texas. Licensee agrees that any portion of this Agreement found to be invalid or unenforceable shall be modified, to the extent allowed by law, so as to allow for the enforcement of the original intended meaning of the portion found to be invalid or unenforceable.

PUNKBUSTER SOFTWARE IS PROVIDED ON AN “AS IS” BASIS, WITHOUT WARRANTY OF ANY KIND INCLUDING, BUT NOT LIMITED TO, AND WITHOUT LIMITATION, THAT IT IS FREE OF DEFECTS, FIT FOR A PARTICULAR PURPOSE, OR THAT IT IS MERCHANTABLE. LICENSOR DOES NOT WARRANT THAT THE OPERATION OF PUNKBUSTER SOFTWARE WILL BE UNINTERRUPTED OR ERROR-FREE OR THAT IT WILL MEET LICENSEE’S SPECIFIC REQUIREMENTS OR DESIRES. LICENSEE AGREES THAT NEITHER EVEN BALANCE, INC., ITS OFFICERS, DIRECTORS, SHAREHOLDERS, EMPLOYEES, CONTRACTORS, LICENSORS, BUSINESS PARTNERS, SUCCESSORS NOR ASSIGNS SHALL BE LIABLE FOR ANY CLAIM WHATSOEVER INVOLVING PUNKBUSTER SOFTWARE IN ANY WAY. FURTHERMORE, SHOULD ANY VERSION OF PUNKBUSTER SOFTWARE, INCLUDING FUTURE VERSIONS, PROVE DEFECTIVE IN ANY WAY, LICENSEE ASSUMES THE ENTIRE COST, IF ANY, OF LOSS OR DAMAGE OF ANY TYPE AND TO ANY DEGREE. THIS WARRANTY DISCLAIMER SHALL SURVIVE TERMINATION OF THE LICENSE OF PUNKBUSTER SOFTWARE BY LICENSEE, REGARDLESS OF WHETHER THE LICENSE IS TERMINATED BY EVENBALANCE, INC. OR LICENSEE.

This Agreement constitutes the entire agreement between Licensor and Licensee and supercedes any prior statements, whether written or oral.

*Please note that the comments of this post are the opinion of the author, and not to be taken as fact.

cant give u a link to the source as it would break the rules..

its unconfirmed at the min, but who knows theres always something sneaky with all these companies..

[IcIshoot]

Well, it does say right there in the EULA that they may inspect and report on any device or file in memory.


So since they state in the EULA, and by installing and using it you are agreeing to it, then I don't see how it is a breach of privacy since you are giving them permission to do it.


Now if they hadn't said that they were doing that, then I would agree that it is a breach of privacy.

thats why it is important to read the EULA. If you don't , you won't know what you are agreeing to.


IcI

[Hellfighter]

will this got me "msxsecurity, a large game hacking site" i don't take thier word for anything they would love to see PunkBuster ripe apart.

Sorry this one i don't take their word for it at all.

if you look in the Here is a screenshot showing a passive scan while searching for a .txt file. its a file with listing of things running inside Battlefield 2 game you see what the text field has in the listing the fool is running hacks inside the game in other words he cheating in the game.


talk about breaking the rules omg

PB don't scan your whole system for text data in it at all.

who word you going to take a cheaters or evenbalance word.

BB this is first time. i seem to see you using bad judgement guy sorry

thats a log file of items it catching that are active in the game play only.

i don't agreed on this at all

banned items: (cheats items)
MD5TOOL #9002 (Battle HUD Xtreme v1.0.exe)
MD5TOOL #9002 (Dark_BF2.dll)
MD5TOOL #9002 (MSX Loader.exe)
MD5TOOL #9002 (Dark_BF2.exe)


BF2 banned players and why they got banned for use of: http://rep.punksbusted.com:9000/cgi-...ey=16&remove=0

they all so use evenbalance software and evenbalance use thier forum to talk with others as will.

think this fool was trying to see as a host what get can get away with using cheats items that all i see

[Lucky]

hmmm. i take his word, i dont care what either say cuz PB is the worst tool in gaming history

btw the scan dosnt show anything

[Hellfighter]

sorry Lucky you feel that way.

it do a great job i hope it stays that way for a long time

[-Tigger-]

im only passing the information on as its been posted on numerous sites, from clan sites to resource sites.. no doubt Evenbalance will release a statement to confirm it or not..

to tell u the truth chief, pb dosnt stop msx.. within an hour of a PB update they had already made a work around..

only posting the info, but i sense this is gonna get out of hand..

[Hellfighter]

no i ask some other who work with PB for a long time, i hoping get their feed back on this as will. it ok

don't think it will get out of hand at all.

i do think thats is a cheater who is trying to host the game and see what he can get away with for hacks in the game as a host. not get banned at all. thats my feel of it all.

Quote:

admins of msxsecurity, a large game hacking site. While on our quest to develop "new bypass methods",

don't thats seem a bet funny

they trying to make new cheats (Updates) work better by bypass PB scan, so no one get seen for cheating and get banned for it.

[Hellfighter]

update BB its no then but a hocks basic what he trying to say.

oh and he do make up cheats for games as will all so got banned a lot of times for it too.

he trying to trash PB what they are not really doing it all lies.

PB only scan items that has to do with the game its supporting, he trying to fins new ways to get around PB scan is all at same time he releasing new type cheats to the public what he found he can use with PB only they catch on real soon. he getting tire of it all and now making up lies in hope others stop using PB totally.

by the way BB that guy sell's cheaters tools as if they are mods were they are not in the first place and he love to have his cheats working all the time without getting flame by other they don't work at all, if anything they got banned for it? its a bad sell item when there are anti-cheat software out there. so he trying to give PB a blackeye, on a lie

source of information: http://www.punksbusted.com/forums/bl...?showentry=234

make good read too. it cuts his b/s up

[Hellfighter]

all replys from: Omnix " Admin-Pucksbusted.com"

Source: http://www.punksbusted.com/forums/in...opic=21151&hl=

It might not surprise you to know that it was a cheat writer who wrote the above.

I'll pick out a few points.

Quote:

While in the past PB would only scan for running processes, it is now actively scanning the hard drive, and looking for .txt files in certain folders.

reply:
As I'll come onto, these are the extra MD5Tool checks that we distribute for our members. They look for particular files in the game directory. Only the game directory.

Quote:

It was logged with ethereal that punkbuster actually SENT the contents of a txt file to its servers (presumably for further investigation) Now while in this case it wasnt a huge issue, as the text file was just some install data for a codec, it could have been much more serious. (Think tax information, Social securitys #’s, Finances, etc..)

reply:
PunkBuster sends a 2KB hash of the file to the server. As any self-respecting programmer will tell you, a hash is a one-way process and the original contents of the file are not recoverable.

Secondly, the checks we use are looking for specific files in the game directory with cheat names. They are not hunting around your computer for "tax information", "finances" etc - this is emotive language to try and grab attention. People do not keep their finances in the BF2 install directory with the same name as popular cheats. If that happens, then you will get kicked and a hash of the file taken. The original information is not sent.

Quote:

While the streams of “dialog” arent exactly open between myself and punkbuster, I consider this to be a huge breach of trust with the public.

reply:
Of course they're not open. He writes cheats for a living and regularly gets banned because of it. Funnily enough because of breaches of the EULA - not to mention his numerous breaches of trust with his customers.

Quote:

The fact that PB is even actively scanning text files is a huge security issue that needs to be addressed, as it isnt even scanning inside the bf2 folder, it is computer wide, and any file that becomes ‘flagged’ is uploaded to PB.

reply:
This is totally false. The checks, as taken in the screenshot can only be searched for in the game directory. It's how it works. It is hardly new either - he's just slow to the game.

Quote:

Here is a screenshot showing a passive scan while searching for a .txt file.

Reply:
The screenshot in question was a section of a BF2 server log showing our MD5Tool list loaded. This is full of popular cheat names, not "Finances 2006.txt".

As for the EULA, this particular person has decided to analyse it before. You might find peel's blog entry "Legend in his own lunchtime" an amusing read as he takes the argument apart: http://www.punksbusted.com/forums/bl...?showentry=234

Not to mention that he quotes the EULA for saying that items which PB may scan "includes, but is not limited to, devices and any files residing on the hard-drive and in the memory of the computer". Why is he suddenly surprised that this is happening?
===========================================

my reply: CHief ADFP
i only hope this clean the air on what this cheater maker is trying to sell.........by the way he is selling cheats on the internet for all to buy......get that lol no joke

[Hellfighter]

Quote:

Originally posted by BB


to tell u the truth chief, pb dosnt stop msx.. within an hour of a PB update they had already made a work around..

only posting the info, but i sense this is gonna get out of hand..

will maybe the hackers are getting tire of making up new one after a time he will given up on them as will

hackers vs PB who will win? my money on PB why they get paid to do updates and the hackers have to do the same.

remember one thing they ban on the go and update to find new cheaters tools

master ban listing: http://rep.punksbusted.com:9000/cgi-...-here</u></b>"

one other reply:

Quote:

By: vampman05' date: 30 Apr 2006, 10:28 AM' post: 120063

Kind of funny that a email was sent out a few weeks ago "advertising" their "cheat" see

http://www.punksbusted.com/forums/in...howtopic=20684

and now the same people are trying to put PB down... kind of one of them things that throw up a red light and says " these people (the muppets with these "cheats") are trying to get PB in trouble...

i aint heard PB side of things... but i'd rather trust PB than some muppets at a "cheat" site any day

[Sal UK]

what I will ask because no one else did, Why are you searching cheat and hack sites BB? he....he....he.....

[-Tigger-]

was posted on a clan forum

chief, msx makes money from selling their cheats and its a subscription apparently.. as long as these guys keep getting their money in they wont stop

[Hellfighter]

funny then they are both fighting each other then and both are a paid service lol

only one is breaking the law its the hacker making up them cheats

still i say this who going to think is in the right a hacker making cheats for sale to the world or EvenBalance paid service for Novalogic, inc and other's.

sorry i really think this is a dead subject bottom line its coming from a hacker who is trying to sell cheats to other and trying to make other people not to use PunkBuster at all, trying to tell others lie what PB is doing as scan goes

[Lucky]

if im right, there is no law against hacking games, its agains the eula tho

[IcIshoot]

Quote:

Originally posted by Lucky
if im right, there is no law against hacking games, its agains the eula tho

which in a sense would be breaking the law. From what I understand, the eula is a type of contract. So, by breaking the eula, it seems to me that the company may have legal options against the violater for breach of contract.

Whether or not they go that far, that is up to the company.


IcI

[Hellfighter]

Quote:

Originally posted by icishoot
which in a sense would be breaking the law. From what I understand, the eula is a type of contract. So, by breaking the eula, it seems to me that the company may have legal options against the violater for breach of contract.

Whether or not they go that far, that is up to the company.


IcI

will thats really up to PunkBuster and the Game MFG software to turn it over or not. on the other stealing other account information thats is up to the game MFG or the servers host to handle.

[-Tigger-]

hacking games is illegal, well atleast for one game called MU, people have been arrested and fined for hacking the game code, and im sure this applies to other games

[.DareDevil.]

Wouldnt surprise me if Argus and PB were both ways of them stealing our information such as ss,credit card numbers, and etc due to the fact neither is really usually due to it cant catch all cheats so it makes you wonder if they are doing something else indeed!

[Lucky]

Quote:

Originally posted by Visor*CP*/visor_dflw
Wouldnt surprise me if Argus and PB were both ways of them stealing our information such as ss,credit card numbers, and etc due to the fact neither is really usually due to it cant catch all cheats so it makes you wonder if they are doing something else indeed!

see, PB is the worst anticheat/hack ever, thos hackers were usin it and pb didnt do shiz

[IcIshoot]

they can only block cheats once they are discovered, and figured out how they work. It will be like that for any anti-cheat program.


IcI