Activision Blizzard Secretly Watermarking World of Warcraft Users

New submitter kgkoutzis writes "A few days ago I noticed some weird artifacts covering the screenshots I captured using the WoW game client application. I sharpened the images and found a repeating pattern secretly embedded inside. I posted this information on the OwnedCore forum and after an amazing three-day cooperation marathon, we managed to prove that all our WoW screenshots, since at least 2008, contain a custom watermark. This watermark includes our user IDs, the time the screenshot was captured and the IP address of the server we were on at the time. It can be used to track down activities which are against Blizzard's Terms of Service, like hacking the game or running a private server. The users were never notified by the ToS that this watermarking was going on so, for four years now, we have all been publicly sharing our account and realm information for hackers to decode and exploit. You can find more information on how to access the watermark in the aforementioned forum post which is still quite active."

Other games?

[SJHillman]

Is this known to be the case for any other games? IE: Diablo III?

Ouch

[ledow]

Ouch. That's gotta hurt. I think there's a case for even places like the EU commission there, if people are unknowingly distributing other's data.

That said, I don't really care because I've never touched WoW. But, yeah, I can see the problem. 4 years of IP -> client records, plus things like date-time stamps. If nothing else, that's a whole host of web-crawling to link people to IP's, accounts.

You kind of expect it in pre-release reviews or betas or something but in the full client and in every screenshot? Bit nasty.

More interesting - what other games do that?

sketchy but legit

[v1]

Their TOS describes how and what info is SENT to them by the client. This is information on your own computer. They don't have to tell you all the places they store your information. Think copy protection. There's a good deal of sneaky things they're doing on your computer to make sure you're running a legit license. They don't have to tell you about any of that. If you take a file that their client makes, and upload it somewhere, it may contain identifying information in it. This just happens to be a screenshot / image, that you wouldn't normally expect metadata to be in.

It's not too different than say, your digital camera embedding metadata. And it does. A lot. Usually common things like date/time, fstop, exposure, etc, but also can include model of camera, CAMERA SERIAL NUMBER, gps location, firmware version, total number of shots taken, etc etc.

So you can take off the tinfoil hat. It's too late. They're already in your head.

Re:Why?

[iamagloworm]

One may also ask 'Why would you play WoW?' but the answer is not a pleasant thing to say.

Backmasked Message?

[trevc]

If you look at the JPEGs in a mirror you can see a hidden message "Hello, hunters. Congratulations. You've just discovered the secret message. Please send your answer to Old Pink, care of the funny farm, Chalfont."

Re:Other games?

[the simurgh]

i wonder how long till a lawsuit is filled because activision basically gave hackers all the info they needed to hack accounts and never told account holders not to post screengrabs because it contained account info.

Screw Actizard, contact privacy@blizzard.com

[dasacc22]

Got fed up with all the BS and emailed privacy@blizzard.com to have my account and all my games perma-deleted from their system. Took an untold number of weeks for them to finally follow through on it but I'm now no longer a zard-tard.

Doesn't look like many slashdotters here care, but if you actually do then claim your info back and stop affiliating with this once decent company.

Re:Unsubstantiated Rubbish

[Anonymous Coward]

Wait, they added un unencrypted watermark? Why on earth would you NOT encrypt a watermark of this kind?

Re:Unsubstantiated Rubbish

[Mortimer82]

Their compromised database is indeed a very serious privacy issue. From a security point of view, fortunately they used a good enough password hashing technique that it is largely impractical to extract passwords from the dump.

From my experience, with almost all people who have their accounts compromised, it was due to phishing or malware. Consequently, account names in screenshots will probably not make any difference to how many people have account security issues.

Re:Bootstrap

[lister king of smeg]

FTP which on windows workstations is handled, by default, by IE and to get a ftp client like filezilla you will probably use a browser, - chicken vs egg

or you could pop out the old linux disk and have any non IE/safari browser you want with a simple apt-get install, or simply while live booted grab the windows version of Firefox, Chrome, Konquerer, Opera, Seamonkey, elinks, whatever copy it you your windows partition reboot into windows install the new browser set all web related stuff to be handled by the new browser and kiss IE goodbye.*

*until the next windows update when it resets the default program for hyperlinks to IE again.