Slashdot Log In
Blizzard, Bnetd Respond on Bnetd Shutdown
from the stormy-weather dept.
From: "Tim Jung"
Subject: bnetd.org shutdown
If you would like more information on this please feel free to contact me. I am
one of the developers and the hosting ISP for www.bnetd.org. I have talked at
lenght with both the Blizzard/Vivendi lawyers and with EFF lawyers about our
options both as an ISP and as a developer.
As an ISP I did not force the group to do anything, but rather presented them
with all the legal information I have recieved and asked them what they wanted
to do. As you can imagine neither my company nor any of the developers have the
money to fight the Blizzard/Vivendi lawyers at this time. So until we are able
to get some legal help to fight this we felt we had no choice but to close down
the site for now until the time at which we could fight this legal battle.
If you have any questions or suggestions let me know.
Tim Jung
System Admin
Internet Gateway Inc.
files are still mirrored......for now (Score:5, Informative)
New mirror with current cvs (Score:5, Informative)
Parent
Well.... (Score:3, Insightful)
They earned the right to sell it and protect it.
I'll still buy Blizzard games as long as they provide enough entertainment for the money.
Re:Well.... (Score:5, Interesting)
Yes, they did. They wrote the battle.net server.
>They earned the right to sell it and protect it.
yup. but they aint selling the battle.net server software, and have protected it. As I understand it, bnetd is a cleanroom implementation. It was built from the ground up. Nobody stole the code, they're just getting competition that's better and cheaper than they are.
//rdj
Parent
Re:Well.... (Score:3, Insightful)
Re:Well.... (Score:5, Insightful)
No, you won't. You'll pay money for and agree to Blizzard licenses that permit you very limited rights to use the data and applications that (quite incidentally) came in the boxen with the licenses. You won't read the licenses, nor will you understand that you are agreeing that Blizzard may change the terms under which you may use their content, or revoke your license at any time, or simply withdraw the services advertised on the back of the box, or (in future) wiping the game from your drive, and all without giving you any notice or explanation or assumption of innocence.
You won't care until - despite Blizzard's control freakery - a pirate clones or guesses your CD key, or one of your friends jots it down, with or without your knowledge, or you get sold a returned box that's already been registered - and this actually happened to me, which made for an interesting little debate with the retailler - and you get refused access to Battlenet. Or Blizzard (or whoever group of lawyers happens to own them at the time) just stop providing Battlenet. Then you'll care, but Blizzard won't care, because you agreed to a license that says they don't have to.
Then you'll wish there was a bnetd. Then you'll say "Why did nobody stand up for this when we had a chance?"
Parent
presumed guilt? (Score:5, Interesting)
Here are reasons why bnetd was needed:
Based on my use of the product, I can assure you that people trying to use hacked copies were in the strict minority.
This is the IP equivalent of setting fire to a village because it might contain spies. If this kind of "ends justifying the means" logic were applied to any other aspect of life it be considered Draconian, but the DMCA allows this -- companies can prosecute groups whose work may present the slightest threat.
"I just wanted to play starcraft at work... and now I'm going to jail?" *sigh*
Parent
Re:presumed guilt? (Score:3, Insightful)
Not quite. In this partcular village, the spies have the ability to magically transform other citizens to spies, and quite rapidly. Additionally, these spies have convinced other citizens that being a spy is ok, because the methods to become a spy are so innately simple. After a while, a great deal of spies become the majority.
For further reading, see Napster(n).
Re:Well.... (Score:3, Insightful)
Hey, voting with my dollars, right? Capitalism in action. Democracy in action. Refusing to purchase Blizzard products is damned American of me!
I doubt Blizzard will care much. I've spent hundreds of dollars on their games over the years but I'm just one joe. Even so, I'm a joe who insists on doing the deed even if it won't count for squat at the end of the day.
Way it goes. Goodbye, Blizzard - too bad you guys opted to stick your heads so far up your asses on this one. I was looking forward to Warcraft III.
Max
Re:Well.... (Score:5, Insightful)
So, if they're going to play on the TCP/IP field, they'll either have to figure out a better way to protect their connections, or realize that they'll just have to let other servers emulate their own.
And let me point out that Blizzard openly has said in their various games (like Diablo manuals) that part of the price of their game goes towards pay for the Battle.net servers. That means that if you're a legitimate owner of a Blizzard game, you get to play on the servers you payed for. If you're a pirate, guess what? You can't play on *their* servers. Blizzard doesn't pay for these other rogue servers, so they aren't having pirates sucking their own access. Also, Battle.net servers are where the brunt of all players are at, since they are the official servers and come automatically configured in your game. Playing on BnetD means dealing with less players, and perhaps unstable servers that can disappear at a moment's notice, since there is no single company making sure that they're running properly. You get what you pay for.
Lastly, let me point out again that Blizzard points out that we pay for the servers in the price of the game... and if the servers are down or extremely laggy (which happens often), then the value of the service has degraded below our expectation. If a legitimate gamer is unsatisfied with their multiplayer experience, they should be able to have the freedom to choose a non-Blizzard server to find. Blizzard should be happy about this, since it helps: 1) reduce load on Battle.net servers, and therefore ensuring better connectivity on their server, 2) provide many more choices in servers than Blizzard can afford to pay for, and 3) retain players for future Blizzard games purchase. For instance, I stopped playing Diablo II because of server problems, which can affect my buying decision for future games. Why should I buy Warcraft III if I expect the servers to still be sucky? If BnetD is an option, that could sway me to purchase Warcraft III. I understand that those who know about BnetD don't make up a large percentage of Blizzard's customers, but it is so significant, and they shouldn't assume that they can just alienate a minority to enhance revenue.
Parent
Re:Well.... (Score:3, Informative)
Funny, Smith and Wesson was forced into a deal with the government to prevent a suit.
And also, odd that you would use the example - since municipal gun suits are still trying to get off the ground. Check it out [overlawyered.com].
Re:Well.... (Score:5, Funny)
Parent
Re:Well.... (Score:3, Insightful)
To return to the circular saw analogy, if you buy a circular saw blade from a company that has trademarked the name "Sawdust Blizzard (R)(TM) circular saws" and there is a note on the instruction paper hidden behind the saw blade (the saw blade is sold shrinkwrapped to a piece of cardboard that plainly says it is a 7 1/4" saw blade that will work with most 7 1/4" saws) with a note in tiny print at the bottom that says:
"this circular saw blade is provided as is, without any warranty or useability or safety guarantees, real or implied. By purchasing this saw blade you agree to the terms with are posted on the website www.sawdustblizzard.com and may be subject to change without notice."
On the website (buried behind pages of marketing copy and a note that the 7 1/4" circular saw blade is known to not fit most 7 1/4" saws, and recommending you purchase the new Sawdust Blizzard (R)(TM) 7 5/8" circular saw to most effectively use your Sawdust Blizzard (R)(TM) circular saw blade) is the terms:
By purchasing the Sawdust Blizzard (R)(TM) saw blade you agree not to use this saw for projects not approved by the Sawdust Blizzard Corporation or any of its affiliates. Only members of the Sawdust Blizzard craftsman union may use the Sawdust Blizzard circular saw blade. You may not use the Sawdust Blizzard (R)(TM) circular saw blade in Black & Decker, DeWalt, Mikita, or other circular saw manufacturers. Use of a washer and/or customized bolt to use the Sawdust Blizzard (R)(TM) circular saw with other saws is strictly prohibited and grounds for confiscation of anything built with it. By purchasing the Sawdust Blizzard you are automatically admitted to the union (currently free.) By joining the Sawdust Blizzard (R)(TM) craftsman union, you agree not to use other brands' woodworking products. Union rules are subject to change without notice
Solution (Score:4, Interesting)
Why should the on-line piracy validation be integrated with the server? It is "relatively" easy to split the actual battle.net serving with the vadidation process.
With an Open client/server protocol the client could get a ticket/.net pasport from the official site and play with the Free server...
Just my 5 EuroCents.
Well, isn't this a crock of... (Score:5, Insightful)
Notice how they cleverly shift the argument from one of "Why did Blizzard (successfully) attempt to shut down this project?" to "Are you saying you support piracy?" This is what we call a strawman [wikipedia.com], boys and girls.
All they've done is piss off a bunch of people and possibly "prevent" a couple of copies of their games from being the target of copyright violation. Let's see... a couple fewer sales, or the loss of much goodwill? The really determined copyright violators will still find a way, then they'll make their methods known, so they're back to where they were in the beginning with fewer fans.
Yeah, great choice, guys.
Re:Well, isn't this a crock of... (Score:5, Insightful)
A strawman is arguing against a warker stance than your opponents actually hold. So what is the stronger stance? What's the real argument here?
This is an emulator which would allow people to get around Blizzard's copy protection. I haven't palyed on battlenet in years. They may also have some advertising there, so there might be some loss in ad revenue, though I doubt the ad revenue outweighs the server costs.
All they've done is piss off a bunch of people and possibly "prevent" a couple of copies of their games from being the target of copyright violation. Let's see... a couple fewer sales, or the loss of much goodwill?
I doubt we're talking about just a few sales. Blizzard enjoys a relatively low amount of piracy of it's games that are played online. I even know a couple people who bought the game rather than coppied it because they needed the CD key, and I don't know that many people that play those games. I've also got the question the loss of "much goodwill". Are that many people really surprised by this action by Blizzard? The vast majority of Blizzard's customers won't be surprised, or offended by Blizzard's actions. Even among those that get upset, most will continue to buy and play blizzard's games because the games are of high quality, and the relatively low price of the game is outweighed by the many, many hours of enjoyable play time.
Blizzard isn't being unreasonable or vindictive, they're simply protecting their software so thay can pay their employees and continue to make the high quality games they make.
A lot of people copy games from their friends because it's easy and conveinient, and it's nice to try before buying. A lot of those same people will never bother to actually buy the game, even if they play it a lot. Blizzard's copy protection really only has to make it hard enough that those people buy it rather than copy it.
These are real issues for Blizzard. Arguing that it's only a couple sales and that they will lose good will is the strawman.
Parent
Poor CD key algorithm (Score:4, Interesting)
They need to keep the CD key algorithm secret in order to be secure
This sound like yet another amateur cryptography to me. If they used a proper public key algo they would have no need to keep it secret.In other words: reading crypto books helps.
Re:Poor CD key algorithm (Score:3, Insightful)
Re:Poor CD key algorithm (Score:4, Interesting)
Parent
Umm no... (Score:4, Insightful)
Any service that can validate a CD key or not would be an invaluable service for anyone attempting to determine what that algorithm is. Thus I can see why they would not want to provide that service.
Public key encryption is a tool that solves a completely separate problem, and could not be applied to this task.
Parent
Re:Poor CD key algorithm (Score:5, Insightful)
This sound like yet another amateur cryptography to me.If they used a proper public key algo they would have no need to keep it secret.
This sound like yet another amateur cryptographer to me.
Before designing any sort of security system, you must understand all of the dynamics of the system. There are many reasons why PK is not helpful here. The biggest one is that using a digital signature of some piece of identifying data would result in *huge* CD keys. Think about it: To have reasonable security, you need to use at least 512-bit keys. A signature with a 512-bit key is 512 bits in size. Even with base-64 encoding that's still an *85-digit* key. Depending on how resourceful your pirates are, 512 bits may not be enough, so maybe you should use 768 bits, which gets you a 128-character CD key. Oh, and you also have to send the information that was signed, and it has to be at least 24 bits, and probably a few more, so add another five base-64 characters there. Anyone typing that enormous thing in will almost certainly make some errors, so you'd better add some more bits for a checksum and an error correcting code.
Further, there is absolutely no point to using PK here at all! If you must use a cryptographic solution, plain old 3DES, or AES, or Blowfish, or IDEA, or whatever decent symmetric key cipher will work great. PK exists to (partially) solve the "key distribution problem", which is the difficulty of securely arranging for a shared key between two parties. There's none of that here. The problem here is for Blizzard to be able to distribute a large number of little piles of bits which users can regurgitate back to Blizzard whenever they want to play on the network. Blizzard makes the numbers, Blizzard verifies the numbers. Using, say, an 8-byte block cipher to encrypt a string containing an ID number padded in some structured way gives you an 11-digit base-64 encoded CD string. Much nicer. I can think of another approach that would allow you to shave a couple of digits off of that without sacrificing significant security.
Really, though, it's not clear that crypto is even required. Choose a random ~64-bit number for each CD key, encode it using base 64 or the like and store it in a database. When a request comes in, look it up in the database. If the number is there, cool. If not, drop the connection.
I should also note that with any solution, there really should be no problem with Blizzard setting up a key verification oracle, because if you use good crypto (or just sufficiently large random numbers) the odds of someone being able to use the oracle to either break the crypto or discover a key are low and infinitesimal, respectively. However, if I were consulting for Blizzard, I would probably recommend that they not do such a thing because (a) it wouldn't do any good, people would just hack the verification code out of bnetd and (b) there have been lots of interesting oracle-based attacks on ciphers in the past, and while none are known for the current crop of strong block ciphers, new discoveries may happen at any time.
Parent
Re:Poor CD key algorithm (Score:3, Insightful)
In order to argue this, you have to know an algorithm that can accomplish this. What is a key verification alg that is not in any way compromised by knowledge of the algorithm?
You have to put aside any thought of public-key crypto, because those systems are based on data which can be signed. Here there is no data.
Symmetric cryptography is also useless, for obvious reasons.
The task is complicated by the fact that we must assume the attacker has access to a very large number of valid keys.
We can't really use hash functions, either. The hash function could hash the CD key and accept only if the result has certain characteristics. But this is not practical because then Blizzard would be unable to generate the CD keys in the first place (they would have to reverse the hash to get the keys -- breaking their own system).
So, how would you do it?
Not all that surprising (Score:3, Interesting)
I mean, ideally they ought to allow things like bnetd for their published games, since that reduced the load on their real battle.net servers, which I think most of us will agree is often more than they can handle.
Instead of citing security of their protection algorithms, I think they ought to be working WITH the bnetd people -- they need to find a way to allow copy protection while still allowing user-operated servers.
If they need a real example of a system that works, they need look no farther than Half-Life or Quake3 -- they can be played on LANs without authentication, but by and large, you need a licensed copy to play on the Internet.
Xentax
Re:Not all that surprising (Score:3, Interesting)
This thought crossed my mind too. Instead of shutting down the project, why not cut a deal where bnetd would query Blizzard's validation servers to find out if a license is valid and drop the connection if it isn't.
All things considered, I think it would be to Blizard's advantage to lighten the load on battle.net by allowing other servers. As other posters have already said, it would definitely improve the playing experience which would most likely lead, in turn, to increased sales for Blizzard.
Just my US$.01 ($US.02 adjusted for inflation)
Translation (Score:5, Funny)
Servers that emulate Battle.net facilitate software piracy of Blizzard products by circumventing Blizzard's authentication code. Blizzard products are intellectual property, and we are well within our legal rights to protect our products from software piracy.
We, at Blizzard couldn't figure out how to keep people from copying our software, so we decided to do authentication in the server, and hope no one figures out how to write their own server.
How do CD keys help reduce piracy?
Blizzard uses two main methods to combat piracy: disc-based copy protection and CD keys. As part of the login process, Battle.net authenticates the user's CD key and prevents people from logging in with the same key or an invalid key.
We realize that all attempts to combat piracy are futile. We put these schemes in place more to frustrate legitimate users than to stop determined people from copying our software.
Why doesn't Blizzard provide facilities that enable these emulators to authenticate CD keys through Battle.net?
In order for us to keep our proprietary CD-key algorithms secure, we cannot allow outside servers to query for the validity of CD keys.
We believe that keeping our CD-key algorithms secret makes our software look more secure.
What about software that hasn't been released yet? Wouldn't it be better to have as many people testing the beta version of Warcraft III as possible, even if they are playing on non-Battle.net servers?
The primary purposes of the Warcraft III Beta are to get play-balance feedback and to test our Battle.net servers. Our servers aren't tested if people are playing the Beta on rogue servers. Additionally, the Warcraft III Beta is not intended to be a product demo; when testing ends, we need the ability to terminate the Beta's functionality. Rogue servers eliminate our ability to expire beta versions of our products.
This is just the beginning. We need to be able to, on a whim, terminate your access to a game you rightfully bought. We are testing this scheme under the guise of a "time limited beta test". If we let others run servers, they could play the game they paid for whenever they want!
What about the hobbyists who are not pirating your software but just want to use these servers as an alternative to Battle.net?
Unfortunately, software pirates have spoiled this situation for hobbyists. We are constantly working to improve Battle.net, and we sincerely hope that one day, no one will see any reason to seek alternatives to Battle.net for playing Blizzard games.
We don't understand why someone else would want to use an alternative to Battle.net. Our software is close to perfect, and who cares about those strange Linux-using customers?
Your games sell millions of copies. Why do you care if a few people pirate your software?
The sales success of a product should not exclude it from laws intended to protect intellectual property. Software piracy needs to be combated at all levels, and at Blizzard we intend to do our part to fight illegal distribution of copyrighted media.
Business as usual... "War on Piracy..." News at eleven...
Re:Translation (Score:4, Insightful)
Why is Blizzard trying to shut down servers that emulate Battle.net?
Servers that emulate Battle.net facilitate software piracy of Blizzard products by circumventing Blizzard's authentication code. Blizzard products are intellectual property, and we are well within our legal rights to protect our products from software piracy.
We, at Blizzard couldn't figure out how to keep people from copying our software, so we decided to do authentication in the server, and hope no one figures out how to write their own server.
Unfortunately, this is what the folks at Napster faced. Yes, they may claim that their software is legal, it's just the people that use it for illegal music trading that are the problem. I hope a solution can be found to make this project legit in Blizzard's eyes.
How do CD keys help reduce piracy?
Blizzard uses two main methods to combat piracy: disc-based copy protection and CD keys. As part of the login process, Battle.net authenticates the user's CD key and prevents people from logging in with the same key or an invalid key.
We realize that all attempts to combat piracy are futile. We put these schemes in place more to frustrate legitimate users than to stop determined people from copying our software.
It doesn't matter how stong the copy protection is, someone is going to figure out how to break it. Blizzard's methods are good enough to stop the casual pirates which is, IMHO, most important from a revenue standpoint. Why would a "legitimate" user have a need to be able to use the same key on two different systems at the same time?
Why doesn't Blizzard provide facilities that enable these emulators to authenticate CD keys through Battle.net?
In order for us to keep our proprietary CD-key algorithms secure, we cannot allow outside servers to query for the validity of CD keys.
We believe that keeping our CD-key algorithms secret makes our software look more secure.
See above. Blizzard puts bread on the table by making money through software sales. Why should they be required to open up their scheme to allow others to be able to pirate their software more easily?
What about software that hasn't been released yet? Wouldn't it be better to have as many people testing the beta version of Warcraft III as possible, even if they are playing on non-Battle.net servers?
The primary purposes of the Warcraft III Beta are to get play-balance feedback and to test our Battle.net servers. Our servers aren't tested if people are playing the Beta on rogue servers. Additionally, the Warcraft III Beta is not intended to be a product demo; when testing ends, we need the ability to terminate the Beta's functionality. Rogue servers eliminate our ability to expire beta versions of our products.
This is just the beginning. We need to be able to, on a whim, terminate your access to a game you rightfully bought. We are testing this scheme under the guise of a "time limited beta test". If we let others run servers, they could play the game they paid for whenever they want!
Again, it's their software. And it's a beta. And not intended to be as public of a one at that. If people are able to play the betas indefinitely, then what incentive would they have to buy the final version? I'm guessing a lot of the kiddies could live with a few bugs if they can save $50. Although chances are, they're the ones who are going to pirate the final version anyway.
What about the hobbyists who are not pirating your software but just want to use these servers as an alternative to Battle.net?
Unfortunately, software pirates have spoiled this situation for hobbyists. We are constantly working to improve Battle.net, and we sincerely hope that one day, no one will see any reason to seek alternatives to Battle.net for playing Blizzard games.
We don't understand why someone else would want to use an alternative to Battle.net. Our software is close to perfect, and who cares about those strange Linux-using customers?
Bottom line, if you don't like it, don't use it. Sadly, I'm sure that that's what a lot of people here are going to do and that's too bad. Why should Blizzard be required to do something that, while it may have legitimate interests for hobbyists, also makes their games easy to pirate?
Your games sell millions of copies. Why do you care if a few people pirate your software?
The sales success of a product should not exclude it from laws intended to protect intellectual property. Software piracy needs to be combated at all levels, and at Blizzard we intend to do our part to fight illegal distribution of copyrighted media.
Business as usual... "War on Piracy..." News at eleven...
Piracy is piracy. The argument that XXX makes lots of money so it's okay to pirate their software just doesn't hold up. Blizzard has gotten where they are because they make good software. If they can't be allowed to do what needs to be done to protect themselves, then what incentive do they have to keep making good software?
Parent
Re:Translation (Score:5, Informative)
Why doesn't Blizzard provide facilities that enable these emulators to authenticate CD keys through Battle.net?
In order for us to keep our proprietary CD-key algorithms secure, we cannot allow outside servers to query for the validity of CD keys
See above. Blizzard puts bread on the table by making money through software sales. Why should they be required to open up their scheme to allow others to be able to pirate their software more easily?
Please don't comment on issues that you don't understand. This is a bare faced lie, and has nothing to do with encryption or security. Here's why:
There is nothing to stop bnetd from doing this already.
The bnetd server could simply open a socket to a Blizzard Battlenet server, and pass on all packets from the clients until it reaches the key challenge/response. It could then kick clients out if they fail the challenge (although the client should terminate itself if it receives a "go away" from the Battlenet server via bnetd).
Why don't they do this? Because one of the points of bnetd is to provide an independent network to Battlenet, which is buggy and prone to dreadful lag and downtime. Being reliant on Battlenet is counterproductive to the basic aims of bnetd.
However, if Blizzard were to set up separate authentication servers, that do nothing but authenticate encrypted CD keys without having to go through the whole login process, everybody wins. They can keep them up more easily, bnetd can use them with more confidence, and pirates can be kept offline. If the Battlenet authentication servers go down, bnetd could let in anyone, so pirates could only play when Battlenet goes down, and, hey, Blizzard aim for 100% uptime, right? By putting a delay on servicing requests from any given IP, Blizzard could protect themselves against crackers just throwing random packets at them, but they don't really have to, because unless you know the client side encryption scheme, that still doesn't help you get valid keys that you can use.
There is exactly zero implication for security. The bnetd server would send on exactly the same encrypted client packet that it already receives. All packet passing is verbatim, there is no need for Blizzard to reveal any details of their encryption scheme. Bnetd doesn't even need to know what a "yes/no" response from the Blizzard servers looks like, although it would be trivial to sniff, and better if they did know, as they could then forcibly terminate the client.
Reminder: bnetd could do this already. Your ISP's routers are doing this already.
There is one slight caveat. Blizzard might have done something "clever" like pack the result of a getpeername() into the CD key packet as Netrek [netrek.org] does with it's RSA packets to stop people inserting hacked "borg" clients between an unhacked client and a server. But there would simply be no reason for Blizzard to do this, and it would actually be counterproductive, as it would place a known and easily manpulated piece of data into the encrypted CD key packet, give a hint as to the encryption scheme used.
To recap: this particular statement from Blizzard is a big fat lie. I'm a professional network programmer, and I've hacked enough lousy and not so lousy encryption schemes to know. If you disagree, please spell out where the security hole is, because I'm simply not seeing one.
Parent
Re:Translation (Score:3, Interesting)
My network consists of two segments, a wireless ethernet segment and a wired 10Mbit segment. Inbetween these is a linux machine with an ADSL connection to the internet.
Starcraft is UDP based, it's a horrendous amount of firewall hacking to get the three (or more) machines behind the firewall to play on battle.net. I can't use IPX since the linux machine won't forward the packets across network segments.
It was trivial to install FSGS on the linux server and point all the clients at it - hey presto - we have working network play *even* if my ADSL line is off.
What did I do that was illegal ?
Incidently I have to use a cracked version of Starcraft on the laptop because it only has one pcmcia slot so it can only use one of the network or cdrom at anyone time.
Re:Translation (Score:5, Interesting)
Yes, they would, for the very same reason I have problems playing on Blizzard's BattleNet servers with a windows client. Their BattleNet servers are overloaded, full of spamming jerks, and are completely unusable for any group of people trying to play a game together.
That is why my friends and I setup our own bnetd server. When we login to our own server, we can actually find each other. We can all join the game that someone creates. We don't get incessant messages while we are playing: to join a clan, visit a site, or make money fast.
We all have legitimate copies of the game. Blizzard made their money from us. Let us play the game.
Parent
Host it outside of the US (Score:3, Insightful)
The only legal recourse for Blizzard is to try to shut down individual game servers residing in the US (small potatoes), or to try and track down developpers individually should they also reside in the US.
If you're an american developer for this, just deny any involvement from this point on.
Look at them trying to pass the blame (Score:5, Insightful)
From the FAQ:
Q. What about the hobbyists who are not pirating your software but just want to use these servers as an alternative to Battle.net? A. Unfortunately, software pirates have spoiled this situation for hobbyists.
"Software Pirates" didn't spoil this for hobbyists. *Blizzard* spoiled it for hobbyists. In the style typical of any arrogant corporation, they don't care what their customers want; they just want to control every aspect of everyone's interaction with them. (IMO, this is typified by the horribly buggy CD copy protection on Diablo II -- ever try to play it with more than one CD-ROM drive, or the CD not in the first drive? Feh. They'd rather keep legitimate buyers from playing (hell, they already have our money) than risk letting even *one* "software pirate" slip through the cracks!)
Don't let Blizzard fool you. *They* are the ones who are causing problems here, not bnetd. What ever happened to "innocent until proven guilty?" (Yes, I know it's a legal principle, but it used to be widely practiced even by ordinary people... until the lawyers found they could make more money by pre-shafting people, so to speak.) Anyway, just my $0.02.
---Crash Windows XP with just a simple printf! [zappadoodle.com]
Re:Look at them trying to pass the blame (Score:4, Insightful)
the free market does.
//rdj
Parent
Suggestion for bnetd authors (Score:5, Insightful)
Lets see how Blizzard would respond to that, if piracy really is the objection...
Simple solution... (Score:5, Interesting)
Re:Simple solution... (Score:3, Insightful)
Blizzard just needs to release a legitimate version of the B.Net server
This is a great idea. A couple problems though:
The current battle.net server is an in-house application, which means (since they probably didn't develop it with a public release in mind), it's probably (a) really warty (not that this would matter to the average buyer) and (b) probably horribly coupled to all kinds of internal proprietary servers. I mean, look at Bugzilla [mozilla.org]; it's successfully used by a lot of projects, but it started as an in-house bug tracking system and *it still really shows.* Just try to set it up sometime!
The server would probably only run on Windows, since that seems to be the main audience Blizzard develops for. Or, alternately, if it runs on *nix, their marketing types would probably say, "well, our customers aren't running *nix, so there's no point selling it." Catch-22 here.
Also, with LAN parties combined with Microsoft's infamous "no more than 10 people may connect to a Win2K Pro machine over TCP/IP" (yieh! you're just a *consumer*, a *nobody*, so sit down biotch!), Blizzard's lawyers might warn them about people violating Microsoft's EULA. And heavens, that might be worse than Software Piracy!
With the server released, that would be more code crackers could look at to try to reverse-engineer the CD key algorithm. True, this can be done with the game too, but maybe the authentication is written in perl or some other text based language that would be trivial to reverse engineer.
Blizzard/*Vivendi*. How likely is Vivendi to do anything that even resembles giving customers freedom? They're all about control of "consumers," nowadays.
Blizzard tech support, like any large tech support organization, is already overworked from idiots emailing them about trivial problems. At least they probably have a good procedure in place for dealing with this though. Server software is a completely different ballgame, and they'd probably have to hire new staff just to deal with it. To their minds, this could be just more money down the tube.
So basically I agree with you, but with the analysis for blizzard = spending more $$ on development + spending more $$ on tech support + fear of "software pirates" + general belligerence, I doubt it will ever happen. Oh well, we can always hope, right? :-)
---Crash Windows XP with just a simple printf! [zappadoodle.com]
a really simple solution... (Score:3, Interesting)
something like a quarter of a milion people read slashdot (or so i'm told). my suggestion for a solution is simple:
if you don't agree with the politics of this desicion, don't buy the game. tell your friends not to buy yhe game.
i'll bet they are going to lose a lot more money from that then they would ever have done due to piracy.
try protecting your intellectual property from that!
Kali did (might still do) the same (Score:3, Interesting)
Kali therefor ALSO bypasses the battle.net cd verification software, and has done so for the past 7 years.
Blizzard cracked down on bnetd, for the only reason, that it allowed ten's of thousands of players to play their closed beta unchecked.
Spite is what it really comes down too, as the piracy issue did not affect sales in any way for this beta.
another good deed for vivendi......
They're full of it. (Score:5, Insightful)
This is, of course, pure bollocks. I could as easily write that "Playing Diablo II in single-player mode facilitates software piracy by circumventing Blizzard's authentication code. What's really at issue is that they don't want any competition for their pay-for-play servers in the future, and are willing to overlook the fact that the bnetd folks aren't the ones who added WC3 support.
Here's the letter I wrote to Blizzard:
Dear Sirs,
I have been a Blizzard customer for many years now. My shelves have accumulated boxes of Warcraft, Warcraft 2, Starcraft, Diablo, Diablo 2,
and sundry expansion packs for those games. But I'm afraid actions your company has undertaken have persuaded me that I should stop being your
customer.
Like many others, I've been distressed recently by the damage hackers and cheaters have been doing to gameplay on Blizzard's Realms servers on the battle.net service. Duping items, hacking items, skill hacks, and various other methods of cheating have been running rampant. But until now, I've held out hope that Blizzard would take action to address these problems, and deliver on the cheat-free Realms that it has promised since before Diablo 2 was released.
Instead, I've noticed to my dismay that instead of investing its resources to improve the gaming environment for all legitimate players, Blizzard has instead chosen to squander those resources on stifling the innovation of those legitimate players. I speak, of course, of the letter threatening legal action Rod Rigole has sent to the bnetd project, hosted at http://www.bnetd.org. Mr. Rigole claims that this software violates the DMCA, and that it is Blizzard's interest that the software be suppressed.
Putting aside the fact that this is a questionable legal interpretation, given that bnetd is not a means to bypass anti-circumvention techology, does not facilitate copyright violation, and plainly lies within the DMCA's
exemption for reverse engineering done for the purposes of interoperability between privately-created software and preexisting software, and also putting aside the fact that I have never used the bnetd software, I am writing this letter to tell you that it is not within Blizzard's interest to take such action.
As evidence of that, I will offer the fact that your draconian action against a piece of software that only serves to enrich the gaming experience for thousands of your customers, has convinced me that I should not again purchase one of your products.
[signature]
Looks like they left off an FAQ item... (Score:3, Funny)
From Battle.net's main page (Score:3, Interesting)
This is from the announcement on battle.net's main page:
Certain programs have been developed that allow users to bypass Battle.net's CD-key-authentication process. Although these programs might have been made with good intentions, they directly promote software piracy by allowing users who have illegitimately obtained our games to play them as if they'd been legitimately purchased. Furthermore, because these programs allow access without a CD key, they render malicious users unaccountable, thereby eliminating Blizzard's ability to protect legitimate consumers. Therefore, Blizzard has taken an aggressive stance opposing the use of these programs.
This paragraph contains at least on case of spin-doctoring, as well as one outright lie:
"Certain programs have been developed that allow users to bypass Battle.net's CD-key-authentication process." Technically, this is true, but it's a gross misstatement of the bnetd project's aims. This sentence implies that circumventing copy-protection was bnetd's primary purpose, when in fact it was not.
"...they directly promote software piracy by allowing users who have illegitimately obtained our games to play them as if they'd been legitimately purchased." Again, making it sound as though that's the primary goal of the program, and ignoring the fact that the bnetd team asked Blizzard if they could implement CD-key checking.
"Furthermore, because these programs allow access without a CD key, they render malicious users unaccountable, thereby eliminating Blizzard's ability to protect legitimate consumers." This is a lie, pure and simple. Blizzard will stll be able to protect leigimate users on battle.net from malicious ones; the existence of bnetd won't change that one bit. Bnetd poses no danger to batle.net users, and claiming that it does is scurrilous. Blizzard is fabricating this to make users think it's acting in their interests. It's not.
TheFrood
Oh, piss... (Score:3, Funny)
Why doesn't Blizzard provide facilities that enable these emulators to authenticate CD keys through Battle.net?
In order for us to keep our proprietary CD-key algorithms secure, we cannot allow outside servers to query for the validity of CD keys.
In the name of Bruce Schneier, I smite thee with the Great Sword, ClueBringer !
The Mess that is Battle.Net (Score:3, Insightful)
Diablo I was quickly prone to excessive hacks because all character information was stored client-side.
Diablo II was released under the premise that character data was unhackable under a secure server. However, packet sending programs became capable of producing duplicates of godly items, and more recently hack into item properties, and bring characters up to essentially infinite skill levels. Essentially, Diablo I all over again (a big reason for this IMO is that Blizzard does not disallow the selling of game items and characters on ebay, as do the makers of Ultima Online and EverQuest).
After the most recent wave of hacks (typically a new hack is produced, and its use becomes so widespread that Blizzard has to patch it to get it's servers running again), Blizzard announced that it had deleted accounts [battle.net] found sending bogus packets.
Up to WarCraft III all Blizzard products have been free to play on Battle.Net. If they can't be more proactive in securing their servers, the prospects for World of WarCraft, their monthly payment MMORPG under development, does not instill one with confidence.
What about hobbyists... (Score:3, Insightful)
Prior to this action by Blizzard, I had no reason to use bnetd servers. Now I have one.
My response to Blizzard (Score:5, Interesting)
You can view the letter in its entirety here at Blizzard Takes Action to Protect [battle.net].
The software, bnetd, no more promotes piracy than a crowbar promotes breaking and entering. Just as a crowbar can be misused, bnetd emulator can also be misused. A lock pick set is illegal here in California without a license because its primary purpose is to circumvent security. No license is required to own a crowbar or hacksaw just because these devices might be used in an illegal manner. I'm a legitimate consumer. I own just about everything ever made by Blizzard. Your disrupting the development of bnetd has interfered with my ability to play the game. Shutting down bnetd is a violation of my fair use of software I legally own. Please explain the logic used to derive at the conclusion that disrupting my ability to play is actually helping me. No one disputes this right, but you have not gone after the pirates any more than the police would by going after the manufacturer of crowbars. Security through obscurity is no security at all. Your algorithm with be reverse-engineered, eventually. When that happens, the inherent weakness will be public knowledge. CD key generators are already floating around the web. Obviously, the security of the CD keys has been seriously compromised. If you make the CD key verification code public, it can be implemented into bnetd and most users of the program will, no doubt, implement. In truth, the CD key verification should not be necessary. The game will not run without a valid game CD in the drive. If something is circumventing this verification, is is completely unrelated to bnetd. We are not pirates and we do not like pirates. No, Blizzard - you have. The pirates are always going to be there, regardless of what you do to legitimate owners of the games. You have? When did this happen? Diablo 2:LoD has been virtually unplayable for several months now. Why do you think we seek an alternate closed realm? Since Blizzard has obviously abandoned the game to the hackers and cheaters, we have been forced by you to come up with our own solution. If you actually made an attempt to do something about the horrid condition of the realms, we might not be setting up our own realms. We want a nice place to play the game, free of cheaters and dupers. You won't give this to us; so, like an abandoned step-child, we must try to go our own way. With the state of the realms in a perpetual state of self-destruction due to Blizzard's neglect, and with Blizzard's complete lack of interest in making existing customers happy, I have decided there is no reason to purchase another Blizzard product ever again. You have lost a customer. How many will you have to lose before you realize you must SUPPORT YOUR EXISTING CUSTOMERS. During the previous duping exploit a few weeks ago, a Blizzard talking head said they had "come up with a solution that should be satisfactory to most people." We're still waiting. When is this mythical solution going to be implemented? Perhaps when he said "most people" he was referring to the Blizzard marketing division and the dupers. I'm sure the the only people satisfied with Blizzard's non-solution will be the marketing people (they are hoping it will drive people to their new game) and the dupers (they are free to abuse the realms to their heart's content).Blizzard's reply to me... (Score:4, Informative)
From: "Rob Beatie"
To: aexia@yahoo.com
Subject: RE: One less copy of Warcraft 3 sold
Certain programs have been developed that allow users to bypass Battle.net's CD-key-authentication process. Although these programs might have been made with good intentions, they directly promote software piracy by allowing users who have illegitimately obtained our games to play them as if they'd been legitimately purchased. Furthermore, because these programs allow access without a CD key, they render malicious users unaccountable, thereby eliminating Blizzard's ability to protect legitimate consumers. Therefore, Blizzard has taken an aggressive stance opposing the use of these programs.
Please take a moment to read through our FAQ regarding these issues at http://www.battle.net/support/emulationfaq.shtml if you have any questions or concerns about Blizzard's stance on software piracy. {WR655}
-----Original Message-----
From: aexia@yahoo.com
Sent: Friday, February 22, 2002 10:31 AM
To: sales@blizzard.com
Subject: One less copy of Warcraft 3 sold
Thanks to your ill-considered invocation of the DMCA, you have one less customer now. I've used alternative server software(bnetd) to play over the Internet because battle.net is laggy and full of cheaters, hackers and other assorted morons. It's simply not a fun place to play.
Creating my own server allows me to play in peace, without lag, with my friends. It's not to promote piracy; it's to play the *game*, not a "license", I paid money to buy. It's mine and I'll play it however the hell I want to.
I'm sure you'll sell plenty of copies of Warcraft 3 anyways, but you won't sell one to me until you catch a clue.
Re:Full Text (Score:3, Interesting)
1201a of the DMCA [gpo.gov] reads: ''(2) No person shall manufacture, import, offer to the public, provide, or otherwise traffic in any technology, product, service, device, component, or part thereof, that-- ''(A) is primarily designed or produced for the purpose of circumventing a technological measure that effectively controls access to a work protected under this title; ''(B) has only limited commercially significant purpose or use other than to circumvent a technological measure that effectively controls access to a work protected under this title; or ''(C) is marketed by that person or another acting in concert with that person with that person's knowledge for use in circumventing a technological measure that effectively controls access to a work protected under this title."
It does not take a lawyer to know that bnetd is not a "circumvention device" under the DMCA, and by saying that the "pirates" "spoiled" it for the rest of legitimate users, they are even admitting that there are substantial legal uses and bnetd is not "primarily designed" to circumvent a copy prevention mechanism.
They wouldn't stand a chance if this went to court.
Re:Full Text (Score:5, Funny)
If I (digitally) stamp copyrighted material onto the "chewy nougut center", I can claim the crunchy chocolate coating is an "Access Control Mechanism".
Parent
Re:Full Text (Score:5, Insightful)
Most people are missing the key fact here of the timing of Blizzard shutting them down. Blizzard didn't do it when they first heard about it, for reasons that many have stated here already. There are many legit reasons why you'd want to run a Starcraft/Diablo server. Blizzard's problem with bnetd only started when functionality to allow Warcraft 3 to run was added. War3 is not a product. (yet) There are absolutely zero non-copyright infringing uses for bnetd to be War3 compatible right now. People who joined the beta signed up to help blizzard test the game in exchange for being able to play ahead of time (for free!). They don't have the right to be able to play on their own servers because they agreed to play on b.net, nor do they have the right to give it to anyone they want. These were conditions of being able to be in the beta in the first place.
It's only normal to assume the worst of a large corporation and in many cases I would agree, but in this case (as I understand it) I do not. How else do you explain the other projects which allow for b.net emulation (fsgs etc) that exist and have for quite some time without problems from Blizzard and are not being shut down by Blizzard.
If what I believe to be true regarding this matter is in fact true, I have no problem with Blizzard doing this, DMCA notwithstanding.
Parent
Re:Full Text (Score:3, Interesting)
Re:This is interesting... (Score:3, Interesting)
One, you aren't modifying the game to run it on bnet. Two, by your own admission, you do own the copy.
If you want to stick it in a microwave, you're free to. If you want to make modifications to it locally and not distribute them, you're free to do that too. Copyright law only says that you can't distribute copies publically or off to random people. It's called 'Fair Use'.
I don't care what the stupid license agreements say. They're largely unenforceable, and morally wrong anyway. If a license agreement in the front cover of a book isn't legally binding, one on the front cover of a DVD box or inside a game box isn't either.
No company's 'ownership' rights reach inside my own house to things I've bought and control. Such thinking leads the way to an invasive police state, and I will have none of it.