
Capcom puts anti-cracking rootkit in Street Fighter 5 PC version update

oneida

Cock Strain, Lifetime Warranty
IN-DE-STRUCTIBLE

 

Nzyme32

Member
Good that it is rolling back, and at least they were somewhat open about doing it, but the thought process behind this kind of measure to prevent some cheats is just not sound at all. I certainly wouldn't want such a thing on my computer.
 

Kalopsia

Neo Member
Rollback or not, the fact that they even considered doing this in the first place makes it impossible for me to support this company in the future.
 

TheSeks

Blinded by the luminous glory that is David Bowie's physical manifestation.
I actually uninstalled yesterday but I stupidly waited until the update was done. Guess I have to go dll digging lol

If you didn't run the game, you're fine.

It's if you updated AND ran the game (and allowed the game to run as admin, which it shouldn't EVER need) that you need to go digging for the Capcom.sys file to delete.
 
So I read the OP but don't 100% get it. From what I can tell, in an effort to stop piracy, they made a backdoor that makes it easier for the USER to get hacked?

If anyone has a better understanding, I'd appreciate the 'for dummies' version.
 

Brashnir

Member
So I read the OP but don't 100% get it. From what I can tell, in an effort to stop piracy, they made a backdoor that makes it easier for the USER to get hacked?

If anyone has a better understanding, I'd appreciate the 'for dummies' version.

Not exactly. In an attempt to stop people from exploiting their game, they literally hacked the computer of everyone unlucky enough to download their game's patch and play the game.
 

MrCarter

Member
I own the game on PS4 but this shit with the PC version is unacceptable. Was waiting to buy the Season Pass on sale, will not be buying anything now.

This game has been anti-consumer as fuck since launch and a massive nickel-and-diming operation to exploit the fanbase. Now they're not just being shoddy, they're being shady. Putting people's systems at risk to protect their over-priced DLC bullshit in their unfinished game... Nope, that's the line.

Hey guys, Guilty Gear Xrd Revelator is on sale for $24 on PS4 this weekend. Good time to jump in, best fighter this gen and cheaper than the SFV season pass.

EDIT: don't care about the rollback, trying to slip that shit by is disrespectful.

The hyperbole is real with this one. I'm pretty sure you weren't buying anything man. You're just jumping on the bandwagon as usual with a hidden agenda. You'd think Capcom did this on purpose going by some posts but they are clearly working on this issue asap. How were they trying to "slip" it by when it was clear they knew they messed up and are fixing the issue? Some of the entitlement from gamers is so fickle it's unbelievable. Xrd made you pay $60 for a second time for a couple new characters and features - not worth it.
 

Farewell

Member
I saw many pc players online today, does this mean they are screwed? Or is the chance small that anything bad can happen.
 

TheSeks

Blinded by the luminous glory that is David Bowie's physical manifestation.
in an effort to stop piracy,

It's not an effort to stop piracy. It's an effort to protect their shitty microtransactions since PC players since launch were able to get the colors (by doing survival) with a trainer (or "one round survival mod" to only do one round to finish the levels to unlock the colors quickly) and FM for doing survival easily to where there was no need to throw money at Capcom to unlock them.

Just look at how Capcom solved that complaint: Instead of giving the colors out based on play like Street 4, they put them as a Microtransaction. "Oh you suck at Survival? Pay us $1 each for 3-packs of color unlocks. OH AND THEY DON'T UNLOCK STORY OR DLC COLORS EITHER! PAY US MORE FOR THOSE!"

Hence, this malware to try to get PC folks to pay up.

Capcom is rolling back the security update.



https://twitter.com/StreetFighter

Don't care, the damage is done. Until Capcom outright says they will NEVER do something like this again and their future titles show it, I'm not buying anything from Capcom again.

You'd think Capcom did this on purpose going by some posts.

Except they did. Just look up at how they want to protect their revenue stream instead of actually solving shit PC players have complained about for seven months (no rebindable keyboard, no DirectInput support) in their content patches. Please stop defending Capcom for wanting to install Malware on your PC to try to get you to pay up for shit that shouldn't have to be a grind to get.
 

mbpm1

Member
I saw many pc players online today, does this mean they are screwed? Or is the chance small that anything bad can happen.

From what I can tell, if someone competent wanted to get in, they could do so without too much trouble due to how matchmaking connects the players.

Which made it all the more pertinent that Capcom reverse this, which they are at least doing.
 

RK9039

Member
I played it because of the update. I play it because of the updates.

Same here, the only reason I had the game installed for this long was because of Urien lol. How was I supposed to know he was bringing a malware with him?

I can't be bothered to re-install it again.
 

HotHamBoy

Member
The hyperbole is real with this one. I'm pretty sure you weren't buying anything man. You're just jumping on the bandwagon as usual with a hidden agenda. You'd think Capcom did this on purpose going by some posts but they are clearly working on this issue asap. How were they trying to "slip" it by when it was clear they knew they messed up and are fixing the issue? Some of the entitlement from gamers is so fickle it's unbelievable. Xrd made you pay $60 for a second time for a couple new characters and features - not worth it.

You're right. Everything is cool. This is a good product by a good company.

Sorry for being so entitled and vocal on the internet.
 
So I read the OP but don't 100% get it. From what I can tell, in an effort to stop piracy, they made a backdoor that makes it easier for the USER to get hacked?

If anyone has a better understanding, I'd appreciate the 'for dummies' version.

If the summary in OP is correct: when this "driver" is active, it basically allows anyone to run anything on kernel rights using an obscure protocol, AND lowers kernel's protection against errors (to allow the first one easily). So, a hacker who knows about this has TWO tools handed to easily jump from malicious userland code (bad application you run, or nice application hacked, like browser or office program typically) into the core of system and do basically anything.
 

RK9039

Member
I'm confused

So as long as I didn't play it since the update I'm safe?

I couldn't find the Capcom.Sys file in my system32

I think so, some people can't find Capcom.sys even after turning on hidden files, I assume it's because they never launched the game post-update or couldn't launch it. You're probably safe.

He hid it in his thong.

TheRealBulge

Lmao. No wonder they kept that costume hidden from us for so long. They didn't want to expose the real reason behind his thong, and now we are ashamed of our words and deeds.
 

KDR_11k

Member
Should probably get registered with anti-virus databases as a virus. Also how does installing a root kit like this not create legal liabilities for Capcom? After all trojans don't get away with pointing at the EULA.
 

vg260

Member
The hyperbole is real with this one. I'm pretty sure you weren't buying anything man. You're just jumping on the bandwagon as usual with a hidden agenda. You'd think Capcom did this on purpose going by some posts but they are clearly working on this issue asap. How were they trying to "slip" it by when it was clear they knew they messed up and are fixing the issue? Some of the entitlement from gamers is so fickle it's unbelievable. Xrd made you pay $60 for a second time for a couple new characters and features - not worth it.

They did implement this on purpose. They even said so, just not exactly what. Users had to investigate to see what the potential harm could be. They should have known better than to do it in the first place. It's careless at best and customer contempt at worst. I don't fault people if this is the breaking point for them.
 

TheSeks

Blinded by the luminous glory that is David Bowie's physical manifestation.
I'm confused

So as long as I didn't play it since the update I'm safe?

I couldn't find the Capcom.Sys file in my system32

Yes. But make sure you uninstall the game and forget it exists to make sure you don't have that risk ever again.
 

MrCarter

Member
It's not an effort to stop piracy. It's an effort to protect their shitty microtransactions since PC players since launch were able to get the colors (by doing survival) with a trainer (or "one round survival mod" to only do one round to finish the levels to unlock the colors quickly) and FM for doing survival easily to where there was no need to throw money at Capcom to unlock them.

Just look at how Capcom solved that complaint: Instead of giving the colors out based on play like Street 4, they put them as a Microtransaction. "Oh you suck at Survival? Pay us $1 each for 3-packs of color unlocks. OH AND THEY DON'T UNLOCK STORY OR DLC COLORS EITHER! PAY US MORE FOR THOSE!"

Hence, this malware to try to get PC folks to pay up.



Don't care, the damage is done. Until Capcom outright says they will NEVER do something like this again and their future titles show it, I'm not buying anything from Capcom again.



Except they did. Just look up at how they want to protect their revenue stream instead of actually solving shit PC players have complained about for seven months (no rebindable keyboard, no DirectInput support) in their content patches. Please stop defending Capcom for wanting to install Malware on your PC to try to get you to pay up for shit that shouldn't have to be a grind to get.

What the fuck are you talking about? It is piracy if you steal something from a game where you are meant to PAY for stuff and use it for your own gain. It's their revenue stream and why wouldn't any company want to protect that? Also with this update you can actually buy colours with FM so I'm not sure why you are talking about buying them. Daily/Weekly challenges are also set up to gain you more FM to obtain them.

This whole issue came from certain PC folks hacking the game which led to Capcom developing this anti-crack solution in the first place, it's just they didn't implement it properly and are trying to fix this issue now. I'm not defending them but what I am doing is not acting entitled and thinking logically because this sort of stuff happens with software companies and has happened in the past. It's good Capcom have reacted immediately and a fix is coming soon.
 

TheSeks

Blinded by the luminous glory that is David Bowie's physical manifestation.
What the fuck are you talking about? It is piracy if you steal something from a game where you are meant to PAY for stuff and use it for your own gain.

Unlocking colors that was done in the previous entry FOR FREE with a non-tedious/input reading method is piracy now, really?

The ONLY things that should be MT's are: Characters, Stages, DLC outfits (things you'd get with a Season Pass). The colors for the outfits, the titles, etc. shouldn't be and should be unlockable (which they are) without BULLSHIT methods of having to do that (read: Trainers because Hard survival reads your inputs around level 20 of 50 stages).

I can't believe there is an actual Delivering-malware-to-users-via-game-patches Defense Force on GAF. Unbelievable.

"But they have to protect their shitty microtransactions from people that didn't want to deal with that shit because SF4 didn't have it, though! What do you mean you have to unlock the colors with 3 levels of AI-input reading!?"
 

New002

Member
You don't even play the game.

You don't even LIKE the game.

I know this wasn't directed at me obviously, but I play the game, I like the game, I bought the season pass, and this situation is ridiculous. I really do like the game but I don't feel like giving it any more of my time or Capcom any more of my money for this. Speaking in the heat of the moment here, but it really is frustrating. And yes, I'm aware they are rolling it back.
 

mbpm1

Member
This whole issue came from certain PC folks hacking the game which led to Capcom developing this anti-crack solution in the first place, it's just they didn't implement it properly and are trying to fix this issue now. I'm not defending them but what I am doing is not acting entitled and thinking logically because this sort of stuff happens with software companies and has happened in the past. It's good Capcom have reacted immediately and a fix is coming soon.

It's not that they didn't implement it properly. It's that the solution wasn't a solution worth considering, and they should have known that and sought out other, more rational ones.
 

MrCarter

Member
They did implement this on purpose. They even said so, just not exactly what. Users had to investigate to see what the potential harm could be. They should have known better than to do it in the first place. It's careless at best and customer contempt at worst. I don't fault people if this is the breaking point for them.

I know they implemented it however I don't think they knew themselves the harm this would have on the actual game. It was stupid and very incompetent and I hope they actually have better PC engineers in the future because this is unacceptable.
 

MrCarter

Member
Unlocking colors that was done in the previous entry FOR FREE with a non-tedious/input reading method is piracy now, really?

The ONLY things that should be MT's are: Characters, Stages, DLC outfits (things you'd get with a Season Pass). The colors for the outfits, the titles, etc. shouldn't be and should be unlockable (which they are) without BULLSHIT methods of having to do that (read: Trainers because Hard survival reads your inputs around level 20 of 50 stages).



"But they have to protect their shitty microtransactions from people that didn't want to deal with that shit because SF4 didn't have it, though! What do you mean you have to unlock the colors with 3 levels of AI-input reading!?"

It doesn't matter about what it was in the previous version, the fact is it's NOT free in this game and in this newest update (if you actually bothered to read or even care about this game) you would have realised you can buy those colour packs for FREE with Fight Money. Daily challenges are also implemented to help on this regard. Stop trying to justify hacking a game regardless of how difficult it might be to obtain that content for some.

Now, I'm not saying Capcom didn't mess up, I think they fucked up big time with this anti-hacking measure but I'm the sort of person who doesn't like to whine over things you can't control and try to move on with things. Capcom messed up, no denying that, but at least they are trying to fix the issue as soon as possible.
 

McNum

Member
So, if SFV requests admin access to install capcom.sys to your System32, and Capcom is now rolling it back. Doesn't that mean that SFV will have to ask for admin access again to delete it? Because that may not seem entirely trustworthy given recent history. Even if it only does exactly that.
 

TheSeks

Blinded by the luminous glory that is David Bowie's physical manifestation.
So, if SFV requests admin access to install capcom.sys to your System32, and Capcom is now rolling it back. Doesn't that mean that SFV will have to ask for admin access again to delete it? Because that may not seem entirely trustworthy given recent history. Even if it only does exactly that.

Depends. Right now it asks to do that each bootup to put it in the system32. If they rollback and forget to have a one-time call of deleting it themselves, you'll have to delete it manually.
 

Mesoian

Member
They did implement this on purpose. They even said so, just not exactly what. Users had to investigate to see what the potential harm could be. They should have known better than to do it in the first place. It's careless at best and customer contempt at worst. I don't fault people if this is the breaking point for them.
Even if you believe that, the fact that they accidentally hacked the computers of their users is kind of a lot worse.
 
I'll try to reword the explanation of this "driver". The key concept to understand is that it doesn't do anti-cheat stuff. Perhaps because cheats will change and they didn't want to change the driver, or perhaps because developing drivers the right way is hard and they didn't want to poke Windows for constant driver changes during development of anti-cheat.

So instead this driver allows programs to temporarily install their own drivers, which can be anti-cheat programs, but which also can be malware like keyloggers and such. It apparently doesn't verify what it runs at all. Whoever allowed this to be distributed either uses some insanely painful security system and assumes everyone does too, or doesn't know/give a shit about security, or had a very bad headache that day.

This assumes disassembly is correct. I don't know much about disassembling so I can't verify it.

One thing that confuses me: is this driver signed by MS? If so, aaaaaaaaaaaa!? If not, doesn't Windows block that? If indirectly, who signed it directly?
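
A defender-side check for the file this thread keeps asking about, as an added example that is not part of any post here. It looks for Capcom.sys under System32 (name and location as posters give them, so both are assumptions taken from the thread), reports the file's Authenticode signature and signer, and lists any kernel driver service that points at it.

```powershell
# Added example, not from the thread. Assumes the file is named Capcom.sys and
# lives somewhere under System32, as posters describe.
$root = Join-Path $env:SystemRoot 'System32'

# -Force includes hidden/system files; unreadable folders are skipped quietly.
$files = Get-ChildItem -Path $root -Filter 'Capcom.sys' -Recurse -Force -File `
    -ErrorAction SilentlyContinue

# Kernel driver services whose image path ends in that file name.
$services = Get-CimInstance -ClassName Win32_SystemDriver |
    Where-Object { $_.PathName -like '*capcom.sys' }

if (-not $files -and -not $services) {
    'No Capcom.sys file or driver service found.'
    return
}

# For each copy on disk: when it was written, its hash, and who signed it.
foreach ($f in $files) {
    $sig = Get-AuthenticodeSignature -FilePath $f.FullName
    [pscustomobject]@{
        Path      = $f.FullName
        Written   = $f.LastWriteTime
        SHA256    = (Get-FileHash -Path $f.FullName -Algorithm SHA256).Hash
        SigStatus = $sig.Status
        Signer    = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { '(none)' }
    }
}

# For each registered driver service: whether it is loaded right now.
foreach ($s in $services) {
    [pscustomobject]@{
        Service   = $s.Name
        State     = $s.State      # Running or Stopped
        StartMode = $s.StartMode
        ImagePath = $s.PathName
    }
}
```

Run it from a 64-bit PowerShell session; a 32-bit session on 64-bit Windows is redirected to SysWOW64 and will not see files in the real System32.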
 

Vuze

Member
What the fuck Capcom.
Installing a Rootkit, exposing your paying customers to even more malicious attacks just to block some mods and cheats? Can't make this shit up.
 

Solrac

Member
This game is a complete mess... sigh, I'm sure Sony is so happy about it, they invested in two games so far and they were a failure (SF5, No Man's Sky).
 

KingBroly

Banned
I'll try to reword the explanation of this "driver". The key concept to understand is that it doesn't do anti-cheat stuff. Perhaps because cheats will change and they didn't want to change the driver, or perhaps because developing drivers the right way is hard and they didn't want to poke Windows for constant driver changes during development of anti-cheat.

So instead this driver allows programs to temporarily install their own drivers, which can be anti-cheat programs, but which also can be malware like keyloggers and such. It apparently doesn't verify what it runs at all. Whoever allowed this to be distributed either uses some insanely painful security system and assumes everyone does too, or doesn't know/give a shit about security, or had a very bad headache that day.

This assumes disassembly is correct. I don't know much about disassembling so I can't verify it.

One thing that confuses me: is this driver signed by MS? If so, aaaaaaaaaaaa!? If not, doesn't Windows block that? If indirectly, who signed it directly?

Disassembly?
 