The Web, Security, and You (think: PunkBuster)

First, let me say that I never thought for a moment that I would be discussing net security in this blog. It’s about archmages, which is playtime. Security is worktime. Nevertheless, since PunkBuster seems to have a lot of people upset, I thought I would speak to it. There’s no way I can relay to you a course in computer and network security in a single blog entry. But I’m going to try and tell you what you might need to know to relax about this PunkBuster shenanigan. If you have any questions, I encourage you to ask them.

If you run Windows, and you connect to the internet, you are “infected”. Without virus protection, you are infected in two minutes. If you do run anti-virus, it just takes longer. You’re kind of screwed. Your firewall(s) help, but you’re still screwed. Snort, or some other vicious packet analyzer that doesn’t let anything remotely suspicious through to your precious Windows environment, that is still going to let stuff slip by. All of that stuff is very good at fending off known viruses and attacks. New ones? They wouldn’t be new if they couldn’t just waltz right through.

Why do they do it? Why write a virus? Why hack into somebody’s system that you don’t know? There are a few reasons. Vengeance or proof that you can do it (for a new hacker) are sort of the mundane ones. More typical would be to steal processor cycles, or to let *your* computer get caught when they bounce their signal through to attack someone else. Here is my favorite scary one: *Storm Worm*. It’s still working. It seems to adapt. @_@ (Likely there is someone or a group of someones, not necessarily cooperating, that make it adapt.)

There is software like that all over, hopping from machine to machine, making large networks of “zombies” (botnets) to serve nefarious purposes. As your computer ages, it gains them…like a mattress gaining dust mites. Just as that mattress gets heavier, your computer gets slower. And eventually no amount of virus scanning will get rid of them. There are many viruses and rootkits now where, if you get infected, you just have to format. And wipe your BIOS chip.

The situation is not entirely hopeless. The reason that our computers go so long without being really slow and enslaved to some hacker is that we do use software to counteract it. When an exploit is revealed or a virus comes to the surface, the anti-virus/security companies get to figure it out and add it to the list of known problems. Then your anti-virus program gets it and you are effectively immunized. (Usually.) By this practice, thousands of script-kiddies are denied the ability to crack into your computer and snatch pictures of your dog. If you become a desirable target, then the story might change.

You ever hear how Macs are “immune to viruses”? Well, that’s bullshit. Macs are very much exploitable, just as Windows is. In fact, they’re almost more exploitable, since the hardware is so cookie cutter. However, there are MANY more systems out there that run Windows. They’re freakin everywhere. So it’s much more profitable (and statistically much more successful) to write viruses for Windows systems, since you are more likely to infect more of them. Software always has holes, and there are people out there that want to use them.

Well, WAR only runs on Windows. And WAR is a viable place to make Money. Remember WoW and the gold farmers/spammers? Remember the hack that let mages levitate off the ground constantly, so they could level to 30 in an hour by soloing all of Deadmines (pull the entire instance, which can’t hit you because you’re too high, then Arcane Exploding them all to death at the end)? We don’t want that to happen. And some guy will try to write a program that’ll do it. And when it works, he/she will put it on the web where script kiddies can d/l it and use it themselves. You don’t have to know how it works in order to use it.

But the more spread it gets, the more likely a security company is to discover it, and add it to the list of things that its program can stop. Then yay. We only have to worry about a handful of skilled and trained hackers, instead of them and their thousands of script kiddie minions. That is why PunkBuster is a good thing. They have seen many things like this, and the program has a good chance of sniffing it out early and putting a stop to it.

Keep in mind that Mythic is a game company, not a security company. It is their responsibility to write hardened code and to make sure their design isn’t full of holes, but a backup plan is a very good idea. PunkBuster has a pretty good resume (a lot of games = a lot of experience). And since it won’t auto-ban or auto-kick, there really isn’t any reason to fear or hate it. Just like Warden in WoW, you will probably never be aware that it’s running.

Some people were concerned about “constant screenshots” slowing down their FPS. The screenshots will definitely not be constant. Sending constant screenshots over the web would eat up WAY too much bandwidth. Very, very likely PB will only take a screenshot when it sniffs something. It is watching your processes and ports for known bad things and behaviors.

Some people didn’t like the idea of a program watching their processes. What do you think your anti-virus programs do? Viruses will hide there. Someone has to ferret them out. Since they might not count as viruses, that job falls to Mythic and PB. Besides, your processes aren’t really private. =P They’re just programs. We all got em. Sheesh.

In a nutshell, I am saying that PunkBuster is a good thing. It will help stave off hacks and exploits and keep WAR a fun game in which people follow the rules. It should further comfort you that Mythic has stated it’ll drop PB if during beta testing it becomes a clear problem.

So that brings us to an abrupt conclusion. If you are still curious or worried, I have taken it upon myself to try and set you at ease. Post. <3


