Real ID has been introduced as a feature a while ago to make connections with other players on battle.net easier. It basically displays the real name of other players in friend lists. Players are then able to see not only the real name of Real ID friends but also the names of their Real ID friends.

The Real ID feature was completely optional at this point, players who did not want to share their real name did not have to.

In a recent forum announcement Blizzard employee Nethaera informed forum members about upcoming changes to the forums.

Blizzard let forum members know “that in the near future, anyone posting or replying to a post on official Blizzard forums will be doing so using their Real ID — that is, their real-life first and last name”.

The changes will be first rolled out in the StarCraft II forums and later on in the World of Warcraft, Diablo and Warcraft forums.

The idea behind the change is to reduce trolling, flame wars and other “unpleasantness” in the forums.

Removing the veil of anonymity typical to online dialogue will contribute to a more positive forum environment, promote constructive conversations, and connect the Blizzard community in ways they haven’t been connected before

Forum accounts are linked to game CD keys but not necessarily to real names.

The response by the community is overwhelming (more than 860 pages in the World of Warcraft forum with more than 17000 replies) and mostly negative. Many forum users do not want their real names associated with their forum posts, citing stalking, job applications, protecting minors and identity theft as some of the dangers associated with real names showing up on the forums.

Some forum users even suspected financial reasons behind the move. It should also be considered that it is possible to pick fake names during account creation. The only downside of picking fake names is that it becomes harder to recover accounts.

We think the following will happen: Many legit users will stop posting in the forums or cancel their accounts completely. Trolls will continue to troll the forums as if nothing happened at all.

Are you an active member in Blizzard forums? What’s your take on the story?

WOW Addons extend the functionality of the game by displaying new information, functions or visuals. One problem that World of Warcraft players run into regularly is that addons will stop working after game updates.

The options for non working WOW addons are to disable them for the time being or to search for an update on the Internet. This has become a lot easier with the World of Warcraft Updating System.

The WOW Addons updater will automatically scan the World of Warcraft installation. The software will then query a database and check the version of each installed addon with the version on the server. It will furthermore download and install all newer addons automatically.

The software can also be used to backup and restore WOW addons easily.

If the system meets the requirements the exploit is used to download and execute trojans that steal information and droppers that download additional trojans. Information that are stolen are for example World of Warcraft account information while the droppers download files that add the computer to a botnet. (according to Trendmicro)

Most antivirus companies have already updated their software to disable the possibility that this exploit can be used on the computer the software is running on. Your best bet if you do not use antivirus software is to either disable Flash for now or use an extension like NoScript to block Flash on every domain but trusted ones.

You can try the following two methods to join the irc server. The first would be to use a java client running on the site that gives out the beta keys. Just head over to worldofwar and the chat will try to auto connect to the server. The second method would be to either use the chatzilla add-on for firefox or a regular client for irc like mirc.

You will have to do the following if you choose the latter methods or the auto connect fails. Type in the following command and hit enter:

• /server irc.incgamers.com

Once connected you have to enter the channel where the contest takes place:

• /join #wow

Sometimes you get a message that your nickname is in use, to change your nickname type

• /nick anothername

The last command that makes you join the contest would be:

• /msg bc enter

Substitute with your email, with your wow account name and select either US or EU depending where you play the game.

You do not have to be present after you have done this few steps, just stay connected and hope that you are chosen by the channel bot.

The server seems to be flooding with people at the moment, I had troubles connecting, just try again if that happens to you. You will eventually make it. Remember the contest runs for 5 days.

Link to the contest announcement

Enjoy it.

This program once installed could not be uninstalled by normal means. Hackers could use the software to hide their hacking attempts from antivirus tools and the like. Who would have thought that the first available use would be using this for hacking the online game World of Warcraft ?

Blizzards Warden Client checks every 15 seconds if the computer playing Word of Warcraft runs programs or scripts in its background that would illegally help players cheat in the game. Take a look at the related thread to receive more information.

Update: The thread is no longer available and traces of the incident are only found on third party news site and not on the original sites they have been posted on.

It is nevertheless interesting to note that hackers managed to highjack the rootkit for their own purposes, in this case to cheat in the World of Warcraft game. It is likely that it can be used for other purposes as well, for instance to elude detection by convention security software that is not able to detect rootkits on the computer system.

One could now think that it took hackers a long time to manipulate the rootkit software for their own plans. It was in fact incredibly easy: Blizzard’s anti-cheat protection software could not detect files with the modified prefix $sys$. All it took was to add the prefix to the files and make sure the rootkit was up and running on the PC system to bypass Blizzard’s WOW protection.

According to Greg a software know as the “warden client” is executed every 15 seconds on all World of Warcraft clients that are currently playing the game. Here is what Greg found out about it:

• The warden dumps all the DLL’s using a ToolHelp API call. It reads information from every DLL loaded in the ‘world of warcraft’ executable process space. No big deal.
• The warden then uses the GetWindowTextA function to read the window text in the titlebar of every window. These are windows that are not in the WoW process, but any program running on your computer.
• I watched the warden sniff down the email addresses of people I was communicating with on MSN, the URL of several websites that I had open at the time, and the names of all my running programs, including those that were minimized or in the toolbar. These strings can easily contain social security numbers or credit card numbers, for example, if I have Microsoft Excel or Quickbooks open w/ my personal finances at the time.

  Once these strings are obtained, they are passed through a hashing function and compared against a list of ‘banning hashes’

• Next, warden opens every process running on your computer. When each program is opened, warden then calls ReadProcessMemory and reads a series of addresses – usually in the 0x0040xxxx or 0x0041xxxx range – this is the range that most executable programs on windows will place their code. Warden reads about 10-20 bytes for each test, and again hashes this and compares against a list of banning hashes.

Gregs conclusion is that the warden client can be declared to belong to the category of spyware. The EFF (Electronic Frontier Foundation) calls it a massive invasion of privacy.

According to the EFF Blizzard has come up with three responses:

Warden doesn’t collect personal information, so what’s the problem?

The thing is, warden does at least scan personal information and process these findings. In other words, a privacy invasion takes place even though Blizzard claims that no data is saved.

Everyone’s doing it. Blizzard points out that many companies use hack-scanning programs

Thats no excuse, is it ?

Read the EULA. Blizzard advises gamers of its intent to invade in its terms of service. “People should read contracts, says Blizzard rep John Lagrave.

Well, I don´t know a lot of Gamers who actually read the EULA of a game and Blizzard surely knows this.

Hoglund released a tool called The Governor that watches the activities of World of Warcraft, and clearly reports which data is being read from other processes. You can download it at Greg Hoglunds site