Activision Blizzard Secretly Watermarking World of Warcraft Users

New submitter kgkoutzis writes "A few days ago I noticed some weird artifacts covering the screenshots I captured using the WoW game client application. I sharpened the images and found a repeating pattern secretly embedded inside. I posted this information on the OwnedCore forum and after an amazing three-day cooperation marathon, we managed to prove that all our WoW screenshots, since at least 2008, contain a custom watermark. This watermark includes our user IDs, the time the screenshot was captured and the IP address of the server we were on at the time. It can be used to track down activities which are against Blizzard's Terms of Service, like hacking the game or running a private server. The users were never notified by the ToS that this watermarking was going on so, for four years now, we have all been publicly sharing our account and realm information for hackers to decode and exploit. You can find more information on how to access the watermark in the aforementioned forum post which is still quite active."

Other games?

[SJHillman]

Is this known to be the case for any other games? IE: Diablo III?

Re:Other games?

[Zocalo]

I know surfing the web using Internet Explorer can be a bit of an adventure, but even so, I think that's probably the first time I've seen it referred to as a "game".

Re:

[Teancum]

Internet Explorer is indeed a game. It is just a game played at a higher level and you are unwittingly a participant in that game acting as a pawn. That you may or may not actually be using that software is itself a part of the game.

Re:Other games?

[tepples]

So I take it the only way to win IE is not to play. In that case, how does one start with a store-bought PC and download something better such as Firefox, Chrome, or a whole different operating system, without playing?

Re:

[TheRealGrogan]

ftp.mozilla.org uses "round robbin" style mirroring. You connect to that host, and it automatically directs you to an ftp server.

That's how I do it, anyway:

230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> cd /pub/firefox/releases/15.0.1/win32/en-US
250 Directory successfully changed.
ftp> ls
200 PORT command successful. Consider using PASV.
150 Here comes the directory listing.
-rw-r--r-- 1 ftp ftp 17790056 Sep 05 18:41 Firefox Setup 15.0.1.exe
-rw-r--r--

Re:

[the simurgh]

i wonder how long till a lawsuit is filled because activision basically gave hackers all the info they needed to hack accounts and never told account holders not to post screengrabs because it contained account info.

Re:

[Anonymous Coward]

It contains the account name (which cannot be used to login anyways since you have to use a battle.net ID to login now), and the IP of the server you're playing on (which is public anyways), and the timestamp. Not sure if I know what info you're talking about that "basically gave hackers all the info they needed to hack accounts."

Re:

[ildon]

The account name posted is not what you use to login. If you created an account after the Battle.net 2.0 account merger, you have no way of even knowing what your own "account name" is.

Re:

[sarysa]

That's the problem with soccer. You constantly wait for it, but it never comes...

Cows!!

[onyxruby]

There was an infamous cows shot from a hell level of diablo2 from years ago that my character surrounded by hundreds of cows. Wonder if that if that was watermarked?

Re:

[zieroh]

Thanks for your input xxxxxx@xxxxxx.xxx

That's seriously fucked up.

Brain encoding.

[Valor958]

It's not actually a watermark on the picture. It's a watermark encoded in your brain from playing too much WoW.

Ouch

[ledow]

Ouch. That's gotta hurt. I think there's a case for even places like the EU commission there, if people are unknowingly distributing other's data.

That said, I don't really care because I've never touched WoW. But, yeah, I can see the problem. 4 years of IP -> client records, plus things like date-time stamps. If nothing else, that's a whole host of web-crawling to link people to IP's, accounts.

You kind of expect it in pre-release reviews or betas or something but in the full client and in every screenshot? Bit nasty.

More interesting - what other games do that?

Re:

[Anonymous Coward]

More then you think. It was a feature in spore. It let you drag the image to the game and the game would pick up the animal in the image. It was an awesome feature.

Re:

[xSquaredAdmin]

According to the summary it links user IDs to the IP of the server they were on, not the client's IP.

Re:

[Wovel]

It's the server IP...

Re:

[cpu6502]

This story is hardly news. "A megacorp acts like an asshat and reveals personal data online via photo watermarking." I've come to expect ALL megacorps act like asshats nowadays. It's a challenge to find one that doesn't.

Re:Ouch

[theArtificial]

A megacorp acts like an asshat and reveals personal data online via photo watermarking

Personal information [wikipedia.org]?

Information which can be used to distinguish or trace an individual's identity, such as their name, social security number, biometric records, etc. alone, or when combined with other personal or identifying information which is linked or linkable to a specific individual, such as date and place of birth, mother’s maiden name, etc.

The embedded IP address is the IP address of the server you're connected to. IP addresses are not personal information. The account name is not personal. If I follow this logic your email address is personal information, and so is your license plate? From their terms of service:

For some activities, we may ask you to create a username and password and/or to provide other, non-personal information such as your age, date of birth, gender, and/or game and platform preferences; and, combine such information with your personal information. [blizzard.com]

I've come to expect ALL megacorps act like asshats nowadays. It's a challenge to find one that doesn't.

What do you expect, they're made up of people. I can see this really impacting someone who signed an NDA not to disclose things which they willingly agreed to in the first place. I'm sure you've never played Wow for any period of time because if you had, you'd realize when updates happen to their Terms, they present them to you and require you scroll through them and agree to them before you'll be able to access the game. I don't have some hardon for Blizzard but none of what they're collecting is personal.

Re:Ouch

[theArtificial]

Yes, I consider those things my personal details, along with my street address, phone number, bank account number, etc. etc.

Something interesting about public information and personal information [wikipedia.org] is it varies from jurisdiction to jurisdiction. Email addresses are used by both individuals and businesses. In the case of politicians or when requesting public records, in many situations emails are public knowledge. Not to mention many email providers provide indexes listing their members which are opt in. Your address is public knowledge as well as personally identifiable and is even listed on the side of your house and often times painted on the curb out front, and probably listed in a phone book. Look out Google Streetview! Your phone number is public knowledge and personally identifiable. It's also spread around when/if you: sign up for any discount memberships through a supermarket, opened a new business, registered a domain name (without the 'privacy guard').

TL;DR:
Besides the financial information, it's a legal question and depends where you reside.

Re:

[noh8rz10]

This story is hardly news. "A megacorp acts like an asshat and reveals personal data online via photo watermarking."

Well, that's the news, isn't it? I'm familiar with asshat corporations, but not familiar with nefarious jpg watermarking.

Re:

[theArtificial]

Ouch. That's gotta hurt. I think there's a case for even places like the EU commission there, if people are unknowingly distributing other's data.

I can imagine it now, having to get model releases signed for any screenshots which have other characters present. If you look closely at the terms Blizzard specifically tells you that everything is their property (this is apparent if you ever try to sell 'your' account) from the contents of your characters inventory, to the character itself.

That said, I don't really care because I've never touched WoW. But, yeah, I can see the problem. 4 years of IP -> client records, plus things like date-time stamps. If nothing else, that's a whole host of web-crawling to link people to IP's, accounts.

The embedded IP address is the IP address of the server the game client is connected to. I imagine this to be a concern if you're operating an unofficial server.

You kind of expect it in pre-release reviews or betas or something but in the full client and in every screenshot? Bit nasty.

Initial

Reminds me of the Printer affair

[Penurious Penguin]

HP (and others) used to, or maybe still do, use watermarking in printers to hide data revealing time, printer type, etc.
http://news.cnet.com/8301-10784_3-5811739-7.html [cnet.com]
https://www.eff.org/issues/printers [eff.org]
~ Meta data is watching

Re:

[firex726]

All printer manufactures do this.
It's done at the request of the government, for officially anti-counterfeiting purposes.

Re:

[TheGratefulNet]

'request' ?

yeah, they use pastel colored letterhead and say 'pretty please' when they ask you.

sheesh!

FORCED by the gov is more like it.

Re:

[Penurious Penguin]

I didn't know all printer manufacturers did; I'll be looking into it further, despite not having a printer for 5 years. The "officially anti-counterfeiting" bit is pretty dubious (as an excuse, not your statement) though. I actually thought their excuse would be The Children. Either way, while I dislike criminal activity, I do like due anonymity.

Re:

[fuzzyfuzzyfungus]

If memory serves, it isn't actually a factor of printer manufacturer(and/or re-badger); but of the OEM behind the color laser print engine. Apparently there are relatively few of those, and some, thanks to a little leaning from Uncle Sam the details of which have never come to light, include the watermarking 'feature' in all their print engines. Since printer manufacturers can, and sometimes do, switch parts suppliers between models, a given manufacturer might have both bugged and clean hardware on offer at

Re:

[tlhIngan]

The tracking dots are for output devices and apply to all output, counterfeit or not.

On the input side, there's a pattern of 5 dots on practically all currency that programs like Photoshop and scanners recognize to degrade scanned images of currency. It looks like a distorted X with a dot at the ends and in the middle..

Re:

[fuzzyfuzzyfungus]

Some software(Photoshop being the big name; but not exclusive to them) also includes this 'feature'. If you manipulate an image of a major world currency in excessive detail, a neat little binary module included with photoshop will snag you and direct you to this [rulesforuse.org] rather bland organization.

Re:Reminds me of the Printer affair

[Anonymous Coward]

https://www.eff.org/pages/list-printers-which-do-or-do-not-display-tracking-dots
http://miami.typepad.com/springyleaks/2012/05/foia-release-names-spy-printers.html

Re:

[fast turtle]

Sorry but it only applies to color printers per International agreements to prevent/track counterfit money

sketchy but legit

[v1]

Their TOS describes how and what info is SENT to them by the client. This is information on your own computer. They don't have to tell you all the places they store your information. Think copy protection. There's a good deal of sneaky things they're doing on your computer to make sure you're running a legit license. They don't have to tell you about any of that. If you take a file that their client makes, and upload it somewhere, it may contain identifying information in it. This just happens to be a screenshot / image, that you wouldn't normally expect metadata to be in.

It's not too different than say, your digital camera embedding metadata. And it does. A lot. Usually common things like date/time, fstop, exposure, etc, but also can include model of camera, CAMERA SERIAL NUMBER, gps location, firmware version, total number of shots taken, etc etc.

So you can take off the tinfoil hat. It's too late. They're already in your head.

Re:sketchy but legit

[fuzzyfuzzyfungus]

The difference with digital camera watermarking is that EXIF is a (not always obvious depending on the UI, and sometimes less standard that it ought to be) standardized metadata storage system. The internet is rife with amusing mistakes made by people who don't know about exif and upload anyway; but that's a UI/user problem. The fields are well known, easily viewed and edited with commonly available software, and not designed to be covert or strip-resistant in any way. Some imaging devices are, quite arguably, excessively chatty by default, and that is a legitimate concern given user ignorance; but there isn't anything sneaky about the technology.

Watermarks, at least in this incarnation, are designed to be covert, strip-resistant, and are not intended for the creator of the image to be aware of.

This is a 'prisons and fortresses share certain architectural similarties; but do not share purposes' situation...

Re:

[v1]

Whether or not they're steno'ing the data only affects what you KNOW is in the file. They're still allowed to PLACE anything in the file, and they're neither required to tell you what data, nor even be obvious about it being in there in the first place.

Re:

[caluml]

It's steganography, not stenography. Stenography is what people in court-houses do.

Re:

[Missing.Matter]

So if you find a secret message in a court transcription, we have a case of a steganographer stenographer?

So what?

[aekafan]

This is what I think Blizz/Activision will say if you complain. What are you gonna do, go play another game? Even though they are losing subscribers, they have enough that they really don't care. I don't play WoW, nor do I even like it, but I have some relatives who are so addicted to it that Blizzard executives could break into their house and rape their children, and they would give it a pass. This is meaningless on that scale.

Re:

[Robert Zenz]

Exactly. As every user has read the TOS which they agreed to (*snickers*), they should know that they can't hold Blizzard reliable anyway...additionally, the "Acknowledgments" section sounds a like an interesting butt rape to me...well, not much worse then many other licenses, though.

Backmasked Message?

[trevc]

If you look at the JPEGs in a mirror you can see a hidden message "Hello, hunters. Congratulations. You've just discovered the secret message. Please send your answer to Old Pink, care of the funny farm, Chalfont."

Why not just email Mike Morhaime

[orodos]

and ask him wtf is going on? MMorhaime@blizzard.com

Screw Actizard, contact privacy@blizzard.com

[dasacc22]

Got fed up with all the BS and emailed privacy@blizzard.com to have my account and all my games perma-deleted from their system. Took an untold number of weeks for them to finally follow through on it but I'm now no longer a zard-tard.

Doesn't look like many slashdotters here care, but if you actually do then claim your info back and stop affiliating with this once decent company.

Re:

[Khyber]

I got you beat. I never touched WoW at all. I did EverQuest for about two months and got bored of it. Too easy.

No challenge (and I mean a real challenge, not once you can solve with an army of friends and brute force) means no go for me.

Seems well within their rights

[GodfatherofSoul]

The only people who'd need to worry are those exploiting the game who've distorted their toon names thinking that's all they need to do hide their identities.

It's confirmed

[equex]

Uh just read that thread guys, it's confirmed. Already with POC in several languages.

Interesting, but...

[ildon]

This is pretty interesting, but I think the OP is trying to spread FUD about what the implications of this data are. There is no personally identifying information contained in this watermark. It contains the server IP, server time, and account name. That's it. Now there's a lot of confusion about what "account name" means, so let me explain it for those who don't know.

About the same time that this watermark apparently showed up (2008, the 3.0 patch associated with the WotLK expansion), Blizzard converted the WoW login system so that it was integrated with their new Battle.net 2.0 login system. At this time, it became necessary to login to WoW using your account's email address instead of your traditional account name. That traditional account name is what's being encoded into the watermark, not your email address login. If you created an account after the Battle.net 2.0 merger, then your "account name" is a unique string that isn't even display to its owner. Anywhere in the account management webpage or login screen that this string would appear, it instead displays "WoW1", "WoW2", etc. (if you have more than one account).
So there's basically no way to associate this "account name" with your login information, real identity, etc. If you play on a private server, that account name is going to be based on the private server's login system, not Blizzard's login system.

It's pretty obvious what the real purpose of these watermarks were: to identify users who violated the NDA of their closed betas and ban them from the beta, identify users attempting to sell their account, and possibly to identify the IP address of private servers to assist in attempting to shut them down.

Further, the probability that these info could be used to help harvest accounts for gold selling or to phish for accounts seems ridiculous. It'd be highly inefficient to spend so much time on a single user when for far less effort you could just spam a million harvested email addresses.

I am sure....

[hesaigo999ca]

I am sure that WoW's EULA covers this watermark, as it does the installation of The Warden service which actually tells Blizzard all the apps running on your computer at the time that you play their game. This is extremely intrusive, much more than this watermark.... I therefor suspect the wording used to perpetuate this EULA to encompass the warden would also apply to the watermarks.

Long Live WoW!

Wow thats cool! Watermarked people!

[MindPrison]

"Activision Blizzard Secretly Watermarking World of Warcraft Users"

Cool man!

That explains why I've seen all these people on the streets with that appears to be a photoshopped watermark on them.

Is User ID secret?

[Control-Z]

IP address of the server, that seems harmless. Time, harmless.

Is the User ID secret or something that other players could see anyway?

Re:

[Anonymous Coward]

"Watermarks do not work that way!!! Good night!"

Re:

[Metabolife]

Yes, strategically place JPG artifacts caused by known compression techniques to create a readable barcode.

Re:

[Big Hairy Ian]

No it's a sail boat!

Re:That's no watermark...

[englishknnigits]

A schooner IS a sail boat stupid head!

Re:

[jellomizer]

Online Games, it is the game makers best interests to be hard against cheater. Because if left uncontrolled they will ruin the game for everyone.
So if you are going to be taking screen shots of your cheating. Might as well get tracked down and banned because of it.

I remember back in them olden days of Lan Parties. A professor in my college actually hosted a WarCraft II Lan Party. So we were on two teams, One side had the professors 8th grade kid. He found a cheat that worked online. Once we found out bo

Re:

[Dogtanian]

So if you are going to be taking screen shots of your cheating. Might as well get tracked down and banned because of it.

And if you *haven't* actually been cheating, but you've posted pictures of your WoW game for whatever reason over the years anyway, it's okay that identifying information was embedded without your knowledge (possibly to be used against you years later in circumstances like, oh... *this case*) even if you had good reason to want to remain anonymous?

Actually, I don't care whether the person *was* cheating, it doesn't excuse this sort of thing. If Activision had wanted to do this, they should have been open

Re:

[jellomizer]

You confuse explaining a rational for doing sometime, with an endorsement for the practice.

The gaming company know that cheaters are a problem, then they need to figure out where to draw the line.

Re:That's no watermark...

[Anonymous Coward]

My apologies- I thought your comment came across a bit like you (personally) were trying to excuse the company with that rationale, rather than merely explaining their position. I'm happy to accept that this was a misinterpretation.

What? No, dude, that's not how Internet debates are supposed to work! Dig in your heels, accuse the GP of backpedaling, and burn that strawman to the motherfucking ground!

Re:Unsubstantiated Rubbish

[gl4ss]

it's a pretty far done troll if so, if you read further to the thread(there was some disassembly from mac client).

(it would be entirely feasible that they remove the watermark at full quality.. because it would be obvious then).

this is blizzard we're talking about after all. (I don't think jpg artifacts would position themselves like that, not on any of my pron pics anyways)

Re:

[account_deleted]

Comment removed based on user account deletion

Re:Unsubstantiated Rubbish

[Anonymous Coward]

If you read the thread, other people have actually decoded those "compression artifacts", and even wrote a tool to do it so, no, those aren't just artifacts.

Re:Unsubstantiated Rubbish

[JustOK]

Why? What did it say?

Re:

[firex726]

How do you account for the pattern then?

Substantiated Fact

[L4t3r4lu5]

This post has a script to save the watermark only [ownedcore.com]

Next time, actually read the thread before posting.

Re:Substantiated Fact

[Yvan256]

I'm sorry but that's totally false. The moon isn't made of cheese.

Re:Substantiated Fact

[crazyjj]

Hell, sometimes I don't even read the comments before replying.

Re:

[Intrepid imaginaut]

I don't even read my own comments, just hit the keyboard randomly. Sometimes I get lucky, sometimes not so much.

Re:Unsubstantiated Rubbish

[kgkoutzis]

From reading the thread, the artifacts do not appear when JPEG quality is set to 10 (i.e. maximum) or if a non-lossy algorithm is used (like TIFF or PNG). If this was meant to be a watermark, the programmer who wrote the algorithm should be fired.

These are most likely JPEG compression artefacts.

They did this on purpose, in order to avoid having their watermark identified when viewing the images in really high quality. An Assembly expert wrote some code that allows you to add this watermark on purpose in the high quality images: http://www.ownedcore.com/forums/world-of-warcraft/world-of-warcraft-general/375573-looking-inside-your-screenshots-4.html#post2491687 [ownedcore.com] We also decoded the content of the watermark and it indeed contains the account information, as mentioned. It is NOT artifacts. Please read the full forum post before posting dis-informative comments. Thank you.

Re:

[Anonymous Coward]

Wait, they added un unencrypted watermark? Why on earth would you NOT encrypt a watermark of this kind?

Re:Unsubstantiated Rubbish

[Mortimer82]

The thread indicates it may have appeared during WotLK alpha builds and only contains:
- Account name that was used pre-BNET or otherwise a post-BNET numeric account name. (email address is NOT included)
- IP address of the realm you are connected to, NOT the client IP. (However, this could be used to identify pirate servers).
- The time the screenshot was taken

I suspect it was most likely used to catch people leaking imagery of alpha builds which were not allowed to be made public. WotLK was the last WoW expansion Blizzard tried to keep secret for the alpha, but everyone was leaking it despite very clear NDAs having to be agreed to by all who participated. With their next expansion, they didn't bother with an NDA outside of a very small group of initial internal testers.

I wouldn't call this any kind of breach of privacy as none of the information is personal. An account name can only be matched to a real name by Blizzard and only if you play on their servers.

Of course privacy zealots will say otherwise, but each to their own.

Re:

[ruiner13]

I wouldn't call this any kind of breach of privacy as none of the information is personal. An account name can only be matched to a real name by Blizzard and only if you play on their servers.

Or you have a dump the hackers made of their client list, which contained screen names as well as other info. They could then use this hacked info to get to any of the other data, especially by someone who posted a screen capture online. Using the leaked DB could tie that screen capture to MUCH more data.

Re:

[BenJury]

It would be possible to use that information to get the first part of what is needed to actually log into an account. You've got the player name and realm, with that alone its easier to compromise an account. Although it is of course easier just to take the whole user list from Blizzard....

Re:Unsubstantiated Rubbish

[Mortimer82]

Their compromised database is indeed a very serious privacy issue. From a security point of view, fortunately they used a good enough password hashing technique that it is largely impractical to extract passwords from the dump.

From my experience, with almost all people who have their accounts compromised, it was due to phishing or malware. Consequently, account names in screenshots will probably not make any difference to how many people have account security issues.

Absurd

[medv4380]

JPEG compression artifacts? That's absurd! How would a random compression artifact contain the UserID, Time, and IP address? I'd be more likely to believe that was an actual picture of Jesus in my Sandwich. The reason the lossy compression just reveals the pattern.

Re:Absurd

[fuzzyfuzzyfungus]

Blizzard actually poisons the kernel entropy pool so cleverly that 'random' behaviors by the computer end up leaking identifiable information. Very sneaky of them...

Re:Unsubstantiated Rubbish

[Anonymous Coward]

I'm not surprised the commenter above didn't read the posts following the first post of the source.

What's important are these posts:

1.) Disassembly from the Mac OS X client, which shows watermark functions triggered in the screenshot routine.
http://www.ownedcore.com/forums/world-of-warcraft/world-of-warcraft-general/375573-looking-inside-your-screenshots-2.html#post2489452

2.) Using a memory modifier, the client is edited to only save the watermark (discarding the actual screenshot) even in JPEG 10 and Lossless formats. Completely disproves compression artefacts theory.
http://www.ownedcore.com/forums/world-of-warcraft/world-of-warcraft-general/375573-looking-inside-your-screenshots-4.html#post2491687

3.) Further disassembly shows the following are included in the watermark: Account Name, Realm Info (Serialized, unknown content), Realm IP, Timestamp
http://www.ownedcore.com/forums/world-of-warcraft/world-of-warcraft-general/375573-looking-inside-your-screenshots-5.html#post2492494

You really should read some of the posts in between as well, linking Digimarc to Blizzard Activision, patents filed by Digimarc describing precisely this watermarking technique (and possible predecessors), and how the payload (88 bytes) is repeated multiple times exactly to 5808 bytes in order to survive anticipated resizing and further compression.

Whilst I'm sure they may have good intents (for support maybe? giving benefit of the doubt here), it's these kinds of tricks being pulled by digital companies whilst keeping consumers in the dark that really turns me off.

Re:

[Anonymous Coward]

Some years ago I developed my own steganography techniques and those pictures reminded me of that.
You only need such patterns to encode information in lossy formats due to the compression artifacts. If you use a lossless picture, where every bit of every pixel is perfectly preserved, there are much more efficient ways to hide any information in the picture.
Most likely the TIFF, PNG and other lossless formats contain the same information or even more, just encoded in a different way.
So, if you want to avoid

Re:

[cluedweasel]

From the frequent "how to I open a screenshot" posts that used to appear in the WoW TS forum, I suspect it was changed to lower support calls.

Re:

[Intropy]

I once saw someone post a "link" to a screenshot on the forums that was something like "c:\documents and settings\username\desktop\World of Warcraft\screenshots\WowScrnShot_2353.tga." He didn't understand why nobody else could see it.

Re:

[cusco]

Oof. You have no idea how many times I've seen people blame Exchange/Outlook because a link like that in an email didn't work. "It's all Microsoft's fault!" Well, I guess in a way it is, since MS enabled even idiots to use a computer.

Re:

[CanHasDIY]

Also, whoever decided that screenshots should be saved as jpeg by default (assuming it is default) should be fired.

From a cannon.

Into the sun.

Re:

[ildon]

They were originally TGA, and you can still create TGA screenshots. They changed them to JPG by default for user convenience. Most WoW users are not computer savvy enough to convert their own screenshots.

Re:

[omnichad]

To prevent additional artifacts when you resize and save the image to JPG again. If you're doing anything to the image before publishing it, you don't want anything wrong at all with it.

Re:

[Entropius]

Because depending on how the screenshot looks, png may actually compress better?

Re:

[KingMotley]

Rarely, unless it's an extremely small screenshot like 16 pixels by 16 pixels, but it'd be hard to play WoW on that.

Re:

[GuldKalle]

Because compression artifacts look terrible on most CGI

Re:

[KingMotley]

Yes, because the majority of users who take screenshots are reviewing graphic cards.

Re:

[randomencounter]

Hmm, my browser failed to render your sarcasm tags.

Re:

[iamagloworm]

One may also ask 'Why would you play WoW?' but the answer is not a pleasant thing to say.

Re:

[ciderbrew]

Same reason they want to add your Facebook, twitter, game stats & time played/pissed away on line. A really shit reason.

Re:

[Big Hairy Ian]

Guild Websites, How To guides etc

Re:Why?

[RogueyWon]

I'm assuming you're just being sarky, but the question sort-of merits a proper answer in case anybody is actually interested. There are a few reasons:

1) Proof of a particular achievement. Guild websites etc frequently post screenshots of kills of new bosses (or of Arena victories if they're PvP focussed) to demonstrate the level they're playing at as an aid to recruitment. You see less of this these days, since the game added an actual achievement system, along the lines of that seen on Xbox Live or Steam.

2) Guides and walkthroughs for particular parts of the game (generally boss fights). There's a trend these days towards using youtube videos as a substitute for more traditional text-and-pictures guides. Now, youtube videos can have their place in describing MMO encounters (though I hate, loathe and despise them as a susbstitute for walkthroughs for offline games), but text-and-pictures is still much more convenient for a quick-reference guide and people are still making them.

3) Requests for technical help. Something along the lines of "hey, guys, I installed addon x, but it doesn't seem to be working properly - here's a screenshot".

4) Random silliness - either "look, I managed to get my character somewhere that's supposed to be inaccessible" (which you see less of these days) or "look, we used 500 dead gnomes to spell out "bumpoo" in giant letters across the Barrens".

Re:Why?

[Empiric]

"This watermark includes our user IDs, the time the screenshot was captured and the IP address of the server we were on at the time."

And, without a password to go with that user ID, none of these are what one should reasonably consider "personal" or "sensitive" in the first place.

IMHO, in terms of privacy concerns, this is a non-story. Simply presenting it to Slashdot as a neat graphical hack would make more tinfoil-free sense.

Re:

[SydShamino]

I believe Blizzard now requires user IDs to be a valid email address.

Re:

[SydShamino]

I stand corrected. It's not the email address; it's the old user name that A) was supposed to be secret, and B) can't be changed.

I very much would not want it associated with my character's name, as it could tie together different online identities that I have, as a privacy concern, a desire to keep separate.

Re:Ask Slashdot

[hawguy]

Sigh. This kind of story makes me miss ignorant Ask Slashdot questions. I wonder if the OP would mind if I told him how to select the best network cable for use at home.

I'd like to know - the cheap cables I keep buying on eBay often fail after a few plug/unplug cycles, and the $20 Systimax patch cables seem like overkill.

Re:

[Trails]

You're right! It's not possible! Besides, it's not like someone's already come up with a tool that can reproducibly retrieve the outlined info screenshots or anything [ownedcore.com]....

Re:

[Macthorpe]

Actually, I'm pretty sure all you'd need is a couple of screenshots with the watermark in. If you know the location of the watermark, you can start building the information out of just one, and two or three would give you enough.

And if someone posts a screenshot of them playing on a private server, or of them botting on a real server on a different website where their account name doesn't match, how on earth would you link that to an active player without something in the image?

Re:

[omnichad]

The watermark is embedded in the image multiple times. As complex a scene as it is, you can compare the multiple copies and look for the variations between them in common. If you already know where the "pixels" of the encoding is at and the differential that is used, it would be relatively easy to extract. On the other hand, Digimarc has a patent on it so it's relatively complex anyway.

Remember, you don't have to use an image manipulation tool to read the watermark. If the RGB values are all shifted by

Re:

[Khyber]

Until we have more than 3-4 people on some forum, where, conveniently, someone released a tool to disable this (which couldn't possibly be designed to steal your WoW account info!), then I call bullshit on the entire thing.

They released tools to get it alone out of the image and decypher it, so what the fuck else do you want?

Re:

[FyberOptic]

No, someone released a tool to "disable" the watermarking, within a very short time of all of this starting.

To anyone who is neither naive or stupid, the entire situation stinks of a scam.

Re:

[FyberOptic]

First of all, using a beta client as a basis, which is much more likely to watermark screenshots to begin with to make sure someone isn't passing around info they shouldn't be, is not an indication that the final client does or is doing anything. And I can't reiterate enough the uselessness of a watermark which is nearly impossible to use except in certain circumstances.

Second, I simply stated the facts. It's a group of 3-4 people who are "discovering" and dispersing all of this information. There is no

Re:

[FyberOptic]

You have no indication that it's not jpg compression. Take any image, from anywhere on the internet, and sharpen it in this manner. Different images will give you different intricate patterns, depending on the encoder used.

You have no idea if this strange visual effect is really just a compression artifact resulting from light variations due to shaders which WoW employs, causing very subtle differences in the colors in certain equally spaced locations. As long as it visually looks fine, it wouldn't matte