• Register
  • TOS
  • Privacy
  • @NeoGAF

The Orange
Member
(07-30-2012, 10:42 AM)
Edit:

Seems to have been patched already, so update Uplay and it should be ok:

Originally Posted by iNvidious01

Original OP content below:

http://news.ycombinator.com/item?id=4311264

The important bit of that post:

Ubisoft installs a backdoor that allows any website to take over your computer. The Sony BMG rootkit was also DRM and required product recall when it was discovered.

The original post for the hack:

http://seclists.org/fulldisclosure/2012/Jul/375


Fixes before people start going crazy:

Originally Posted by SparkTR

You want to fix this? Disable the plug-in in your browser. Done. People talking about reformatting their PCs are making me facepalm.

Google chrome users: You can go to "about:plugins" and disable this and all other things that might expose you to extra security risks such as "Microsoft Office" (even "Native Client") or any other plugins that exposed in there by 3rd party without any confirmation.

Last edited by The Orange; 07-30-2012 at 04:24 PM.
Yagharek
Member
(07-30-2012, 10:44 AM)
Yagharek's Avatar
Megaton.

Wonder why it took so long to prove it was rootkit?
Corky
Nine out of ten orphans can't tell the difference.
(07-30-2012, 10:45 AM)
Corky's Avatar
So if I once installed uplay on my pc I can't get rid of all it's traces?
flipswitch
Member
(07-30-2012, 10:45 AM)
flipswitch's Avatar
There goes me buying Watchdogs on PC.
Ryoku
Member
(07-30-2012, 10:45 AM)
Ryoku's Avatar
Fuck Ubisoft on their stance on PC games.
GrizzNKev
Member
(07-30-2012, 10:45 AM)
GrizzNKev's Avatar
Damn. ACIII PC delayed for an extra year?
mclem
Member
(07-30-2012, 10:46 AM)
Thought one: There was a Just Dance 3 on PC?

Thought two: Anno isn't listed. Omission, or is it actually exempt?
GoncaloCCastro
Member
(07-30-2012, 10:46 AM)
GoncaloCCastro's Avatar
Well this is crap! I bought the Assassin's Creed Pack on steam's sale!
TyrantGuardian
Banned
(07-30-2012, 10:47 AM)
TyrantGuardian's Avatar
Lol, fuck Ubisoft. Bought Anno and Driver on the Steam sale. Guess I'm never installing either once I build my new PC.
blamite
Member
(07-30-2012, 10:47 AM)
blamite's Avatar
I once installed and then uninstalled From Dust on Steam. Should I kill may laptop before it kills me?
JaseC
gave away the keys to the kingdom.
(07-30-2012, 10:47 AM)
JaseC's Avatar

Originally Posted by GrizzNKev

Damn. ACIII PC delayed for an extra year?

When it comes to Ubi and delaying PC releases, any excuse will do.
Sethos
Banned
(07-30-2012, 10:47 AM)
Sethos's Avatar
Looks like it's time to re-install Windows, thanks UbiShaft - Delay some more PC titles while your at it :)
SirIgbyCeaser
Banned
(07-30-2012, 10:47 AM)
SirIgbyCeaser's Avatar
Isn't this the first step in getting it banned from products? Good news???
endresults
Member
(07-30-2012, 10:47 AM)
endresults's Avatar
BOOM goes the dynamite. Ubi gets all that's coming their way this time.
trinest
(07-30-2012, 10:48 AM)
trinest's Avatar
The only thing good from this is when it crumbles and Ubisoft patches out Uplay.
Game Guru
Member
(07-30-2012, 10:49 AM)
Game Guru's Avatar
And this is why companies need to just use Steam's DRM if any. Seriously, Valve would've never had something like this.
EightBitNate
Member
(07-30-2012, 10:49 AM)
EightBitNate's Avatar
Wow, so that explains why Watchdogs looks so good. It's actual footage.
Cisce
Member
(07-30-2012, 10:50 AM)
Cisce's Avatar
Now I'm glad that I actually missed out on Anno 2070's Steam sale. Otherwise, I'd be re-installing my PC right now.
HP_Wuvcraft
(07-30-2012, 10:50 AM)
HP_Wuvcraft's Avatar
Done on purpose or not (which I highly doubt it was), this is an extremely stupid fail.
Maxwood
Member
(07-30-2012, 10:50 AM)
Maxwood's Avatar
Ubicrap takes a whole new meaning.
reptilescorpio
Member
(07-30-2012, 10:50 AM)
reptilescorpio's Avatar
Jeez and I wasn't far off installing Driver San Fran too! Also already have a copy of AC3 paid for on GMG. Hopefully they clear this up nice and fast to avoid the shit hitting the fan for them.
fabricated backlash
Member
(07-30-2012, 10:50 AM)
fabricated backlash's Avatar
Why am I not surprised... this shit is depressing.
SparkTR
Member
(07-30-2012, 10:52 AM)
SparkTR's Avatar
Uplay sucks, but the title is misleading.
Des0lar
will learn eventually
(07-30-2012, 10:52 AM)
Des0lar's Avatar
FUCK I just bought from Dust during the Steam sale. I knew it was a fucking bad idea to buy a Ubi game....
Ryoku
Member
(07-30-2012, 10:52 AM)
Ryoku's Avatar

Originally Posted by Game Guru

And this is why companies need to just use Steam's DRM if any. Seriously, Valve would've never had something like this.

No. No DRM at all would be lovely. Valve worship is something I don't get. Great company, but the worship is not needed.
GrizzNKev
Member
(07-30-2012, 10:53 AM)
GrizzNKev's Avatar

Originally Posted by JaseC

When it comes to Ubi and delaying PC releases, any excuse will do.

All Ubi PC games delayed to 2015 while new, more restrictive DRM is invented.
Omikaru
Banned
(07-30-2012, 10:53 AM)
Omikaru's Avatar
Well fuck. Glad I never installed uPlay on my newest machine.

Almost did though. Was very close to buying the Assassin's Creed pack on Steam.
Enco
Member
(07-30-2012, 10:53 AM)
Enco's Avatar

Originally Posted by TyrantGuardian

Lol, fuck Ubisoft. Bought Anno and Driver on the Steam sale. Guess I'm never installing either once I build my new PC.

Anno has a 3 activation limit. Why the fuck would you buy it?

Lol Ubi you piece of shit. No AC3 for me.
Iceblade
Member
(07-30-2012, 10:54 AM)
Iceblade's Avatar
Can anyone explain what this means? Like, Ubisoft's DRM allows anyone to get into your PC? Or just Ubisoft itself?
-Cade
Member
(07-30-2012, 10:54 AM)
-Cade's Avatar
So what's the easiest way to fix this? Bought SC:C last Steam sale and played it a few times.
EscoBlades
(07-30-2012, 10:55 AM)
EscoBlades's Avatar
Aye caramba!!
Zevenberge
Member
(07-30-2012, 10:55 AM)
Zevenberge's Avatar
I don't really understand it. Basically installing a Ubisoft game enables random sites to hack your PC? If so, why on earth would a company do that?
SparkTR
Member
(07-30-2012, 10:56 AM)
SparkTR's Avatar

Originally Posted by Iceblade

Can anyone explain what this means? Like, Ubisoft's DRM allows anyone to get into your PC? Or just Ubisoft itself?

People are exaggerating. Uplay just installs a web browser plug-in that has poor security standards. There's nothing to suggest it can be used to alter protected Windows processes or Ubisoft games. You want to fix this? Disable the plug-in in your browser. Done. People talking about reformatting their PCs are making me facepalm. This is more down to incompetence than malicious intent, and I don't expect competence from Ubisoft.
Last edited by SparkTR; 07-30-2012 at 10:59 AM.
Jintor
Lit himself on fire to get
a mod to tag him
(07-30-2012, 10:56 AM)
Jintor's Avatar
Well fucking shit.
TemplaerDude
(07-30-2012, 10:57 AM)
TemplaerDude's Avatar
This is not going to go over well.
GoofsterStud
Member
(07-30-2012, 10:57 AM)
GoofsterStud's Avatar
I am glad that Uplay has been outed as the rootkit it is. I only hope they come up with a way to completely remove all traces for their loyal customers.
MNC
(07-30-2012, 10:58 AM)
MNC's Avatar
Well, fuck. There goes me playing any Ubisoft game on my PC.
Haunted
(07-30-2012, 10:58 AM)
Haunted's Avatar
wow!

Ubi will be getting a shitton of backlash for that, if true. And it'll definitely have a visible negative impact on PC sales (and deservedly so) if they continue to do so.
Ryoku
Member
(07-30-2012, 10:58 AM)
Ryoku's Avatar

Originally Posted by Zevenberge

I don't really understand it. Basically installing a Ubisoft game enables random sites to hack your PC? If so, why on earth would a company do that?

You can disable it through your web browser. People get pissed at terrible service from Ubisoft on the PC front, and this just adds to their reasons.
areal
Member
(07-30-2012, 10:58 AM)
areal's Avatar

Originally Posted by EightBitNate

Wow, so that explains why Watchdogs looks so good. It's actual footage.

Connection is power...
Game Guru
Member
(07-30-2012, 10:58 AM)
Game Guru's Avatar

Originally Posted by Ryoku

No. No DRM at all would be lovely. Valve worship is something I don't get. Great company, but the worship is not needed.

Well, I said if a company must use DRM... I would prefer it if Steam's games didn't have DRM either.
Last edited by Game Guru; 07-30-2012 at 11:01 AM.
Lemonte
Member
(07-30-2012, 10:59 AM)
Lemonte's Avatar
Now I regret even more buying Driver San Francisco. Game doesn't even work properly.
Tomat
Member
(07-30-2012, 11:00 AM)
Tomat's Avatar
More like Ufail am I right?

I'll be here all week, I've got nothing better to do.
Ryoku
Member
(07-30-2012, 11:00 AM)
Ryoku's Avatar

Originally Posted by Game Guru

Well, I said if a company must use DRM... I would prefer it if Steam's games didn't have DRM either.

You do realize that you don't own the games that you pay money to buy on Steam, and that they can be taken from you at anytime, right?
Visualante2
Member
(07-30-2012, 11:01 AM)
Visualante2's Avatar
Mother fuckers. No mention of this in the EULA at all?

Guessing this breaks some EU law and would require a recall if not, as with the Sony products.

e. I think you're over reacting when it comes to the 'rootkit' comparison. It's a browser plugin, surely you can just disable the browser plugin? Or is there some deep seeded authorisation given to the plugin on your computer's hardware?
Last edited by Visualante2; 07-30-2012 at 11:06 AM.
-Cade
Member
(07-30-2012, 11:03 AM)
-Cade's Avatar

Originally Posted by SparkTR

People are exaggerating. Uplay just installs a web browser plug-in that has poor security standards. There's nothing to suggest it can be used to alter protected Windows processes or Ubisoft games. You want to fix this? Disable the plug-in in your browser. Done. People talking about reformatting their PCs are making me facepalm. This is more down to incompetence than malicious intent, and I don't expect competence from Ubisoft.

You're a gentlemen and a scholar, thanks.
TheD
The Detective
(07-30-2012, 11:04 AM)
TheD's Avatar
Uhh, I don't see how this is a rootkit.

This just looks like a normal exploitable software flaw.
Frankie Williamson
Junior Member
(07-30-2012, 11:05 AM)
Frankie Williamson's Avatar
Ubisoft is just such a dreadful company. Thankfully, I have not installed any of the games listed.
Iceblade
Member
(07-30-2012, 11:05 AM)
Iceblade's Avatar

Originally Posted by SparkTR

People are exaggerating. Uplay just installs a web browser plug-in that has poor security standards. There's nothing to suggest it can be used to alter protected Windows processes or Ubisoft games. You want to fix this? Disable the plug-in in your browser. Done. People talking about reformatting their PCs are making me facepalm. This is more down to incompetence than malicious intent, and I don't expect competence from Ubisoft.

Thanks, nice to see some level-headedness amongst all of the silly quickfire reactions in here.
Dingotech
Member
(07-30-2012, 11:06 AM)
Dingotech's Avatar

Originally Posted by SparkTR

People are exaggerating. Uplay just installs a web browser plug-in that has poor security standards. There's nothing to suggest it can be used to alter protected Windows processes or Ubisoft games. You want to fix this? Disable the plug-in in your browser. Done. People talking about reformatting their PCs are making me facepalm. This is more down to incompetence than malicious intent, and I don't expect competence from Ubisoft.

Thanks just diabled the addins.

Will UPlay still run with the addins disabled? I'd like to play more Driver at some point...

Thread Tools