Account suspension discussion [merged]

[Nightlark.4029]

> @"Twoodi.5849" said:

> > @"Deihnyx.6318" said:

> > > @"Jinks.2057" said:

> > > > @"starhunter.6015" said:

> > > >

> > > > >

> > > > > No they installed spyware on March 6th and removed it on March 27th on all our computers.

> > > > >

> > > > > You need to do your research and come back when you understand the entire situation

> > > >

> > > > It was not spyware, it was only checking processes running along with GW2. It scanned for nothing more. It collected no personal information, no location data, no passwords. It is not tracking what web sites you went too. Many MMO's run programs like this to check for cheats and hacks.

> > >

> > > No it opened each file and read it then sent it back to Anet servers.

> > >

> > > That is the definition of spyware

> > >

> > >

> > > Read the link to the reddit post

> > Read it, yes.

> > It sends a list of hashed values, a hash is destructive and you can't get the original content back.

> > No "private" information, just a guess of what processes were used, which is required to detect a list of software they don't want you to use.

>

> Stop posting misinformation

>

> > They will then go through all processes and get their file names. Those file names are then fed into the very same hash function as before at 0x6F4E90, which will open the respective files, read all their content, create a MD5 hash of it and returns said hash, which are then, again, stored in a list for later use.

>

> > While the list is submitted in form of hashes, those hashes are not salted, so they are trivially to reverse

 

I think you're off off on the meaning of "[trivial] to reverse". What fowsa meant is that it is easy to look up the hash on VirusTotal to find what program that hash corresponds to (note that the hash is MD5 -- it is possible for a collision where a different file results in the same hash). If no one has ever submitted a sample of a file to VirusTotal (or a similar site), then they can't go from the hash back to the original file; math doesn't just magically let you go from 128 bits back to a 5 megabyte file.

[Twoodi.5849]

> @"Malediktus.9250" said:

> > @"Twoodi.5849" said:

> > > @"Deihnyx.6318" said:

> > > > @"Twoodi.5849" said:

> > > > > @"Deihnyx.6318" said:

> > > > > > @"Jinks.2057" said:

> > > > > > > @"starhunter.6015" said:

> > > > > > >

> > > > > > > >

> > > > > > > > No they installed spyware on March 6th and removed it on March 27th on all our computers.

> > > > > > > >

> > > > > > > > You need to do your research and come back when you understand the entire situation

> > > > > > >

> > > > > > > It was not spyware, it was only checking processes running along with GW2. It scanned for nothing more. It collected no personal information, no location data, no passwords. It is not tracking what web sites you went too. Many MMO's run programs like this to check for cheats and hacks.

> > > > > >

> > > > > > No it opened each file and read it then sent it back to Anet servers.

> > > > > >

> > > > > > That is the definition of spyware

> > > > > >

> > > > > >

> > > > > > Read the link to the reddit post

> > > > > Read it, yes.

> > > > > It sends a list of hashed values, a hash is destructive and you can't get the original content back.

> > > > > No "private" information, just a guess of what processes were used, which is required to detect a list of software they don't want you to use.

> > > >

> > > > Stop posting misinformation

> > > >

> > > > > They will then go through all processes and get their file names. Those file names are then fed into the very same hash function as before at 0x6F4E90, which will open the respective files, read all their content, create a MD5 hash of it and returns said hash, which are then, again, stored in a list for later use.

> > > >

> > > > > While the list is submitted in form of hashes, those hashes are not salted, so they are trivially to reverse

> > >

> > > Do you even read what you post?

> > > "create a MD5 hash of it and returns said hash"

> > >

> > > Seriously.

> >

> >

> > While the list is submitted in form of hashes, those hashes are not salted, so they are trivial to reverse

> >

>

> So? Seems to be pointless to salt stuff like that since the contents of the files cannot be reversed. It can only be used to compare it with known files.

 

You might be fine with that not everyone is hence why every other company like blizzard does this locally

[Bloodstealer.5978]

> @"Malediktus.9250" said:

> > @"Bloodstealer.5978" said:

> > > @"Ashen.2907" said:

> > > > @"Bloodstealer.5978" said:

> > > > > @"Nezekan.2671" said:

> > > > > > @"Obtena.7952" said:

> > > > > > > @"Nezekan.2671" said:

> > > > > > > > @"Obtena.7952" said:

> > > > > > > > It couldn't be more clear. There is a list of software that violate the terms of service. Don't run those. As a matter of fact, if you VALUE your playtime, don't run any. The warning was in the terms of service you (likely didn't) read when you start the game.

> > > > > > >

> > > > > > > My country's law > any terms of service. I read my countries laws. Period.

> > > > > >

> > > > > > You just experienced what happens if you think your countries laws are going to keep you from being at risk from being banned when you violate the terms of service. how did that work out for you BTW?

> > > > >

> > > > > Yes, if they don't unban me I will get a full refund. So, yay me.

> > > >

> > > > Good luck with that.. you got banned for breaking ToS.. not sure a refund could/should be granted under those circumstances but if they do then.. cya.

> > >

> > > I think he said that be has only been playing a month. If so he may be able to get a chargeback by contacting his bank or card issuer regardless of ANet's return policies.

> >

> > a refund from anet and a charge back are different beasts.. charge back and anet will blacklist and more than likely close your account full stop and blacklist your card from being used on their systems most likely.

> > If they refund then its entirely plausible that the account will be left open, perhaps downgraded to f2p, but still useable (in 6months time at least :) )

>

> It's worse. A chargeback can get you blacklisted at Digital River which is used as a payment processor for all kind of internet services.

 

very true, same result but now in two domains and one is, as you say further reaching ..

[Malediktus.9250]

> @"Twoodi.5849" said:

> > @"Malediktus.9250" said:

> > > @"Twoodi.5849" said:

> > > > @"Deihnyx.6318" said:

> > > > > @"Twoodi.5849" said:

> > > > > > @"Deihnyx.6318" said:

> > > > > > > @"Jinks.2057" said:

> > > > > > > > @"starhunter.6015" said:

> > > > > > > >

> > > > > > > > >

> > > > > > > > > No they installed spyware on March 6th and removed it on March 27th on all our computers.

> > > > > > > > >

> > > > > > > > > You need to do your research and come back when you understand the entire situation

> > > > > > > >

> > > > > > > > It was not spyware, it was only checking processes running along with GW2. It scanned for nothing more. It collected no personal information, no location data, no passwords. It is not tracking what web sites you went too. Many MMO's run programs like this to check for cheats and hacks.

> > > > > > >

> > > > > > > No it opened each file and read it then sent it back to Anet servers.

> > > > > > >

> > > > > > > That is the definition of spyware

> > > > > > >

> > > > > > >

> > > > > > > Read the link to the reddit post

> > > > > > Read it, yes.

> > > > > > It sends a list of hashed values, a hash is destructive and you can't get the original content back.

> > > > > > No "private" information, just a guess of what processes were used, which is required to detect a list of software they don't want you to use.

> > > > >

> > > > > Stop posting misinformation

> > > > >

> > > > > > They will then go through all processes and get their file names. Those file names are then fed into the very same hash function as before at 0x6F4E90, which will open the respective files, read all their content, create a MD5 hash of it and returns said hash, which are then, again, stored in a list for later use.

> > > > >

> > > > > > While the list is submitted in form of hashes, those hashes are not salted, so they are trivially to reverse

> > > >

> > > > Do you even read what you post?

> > > > "create a MD5 hash of it and returns said hash"

> > > >

> > > > Seriously.

> > >

> > >

> > > While the list is submitted in form of hashes, those hashes are not salted, so they are trivial to reverse

> > >

> >

> > So? Seems to be pointless to salt stuff like that since the contents of the files cannot be reversed. It can only be used to compare it with known files.

>

> You might be fine with that not everyone is hence why every other company like blizzard does this locally

 

But it literally makes no difference if it is compared locally or remotely. Anet would know that you ran Cheat Engine or whatever and ban you anyway.

[Ashen.2907]

> @"Bloodstealer.5978" said:

> > @"Ashen.2907" said:

> > > @"Bloodstealer.5978" said:

> > > > @"Ashen.2907" said:

> > > > > @"Bloodstealer.5978" said:

> > > > > > @"Nezekan.2671" said:

> > > > > > > @"Obtena.7952" said:

> > > > > > > > @"Nezekan.2671" said:

> > > > > > > > > @"Obtena.7952" said:

> > > > > > > > > It couldn't be more clear. There is a list of software that violate the terms of service. Don't run those. As a matter of fact, if you VALUE your playtime, don't run any. The warning was in the terms of service you (likely didn't) read when you start the game.

> > > > > > > >

> > > > > > > > My country's law > any terms of service. I read my countries laws. Period.

> > > > > > >

> > > > > > > You just experienced what happens if you think your countries laws are going to keep you from being at risk from being banned when you violate the terms of service. how did that work out for you BTW?

> > > > > >

> > > > > > Yes, if they don't unban me I will get a full refund. So, yay me.

> > > > >

> > > > > Good luck with that.. you got banned for breaking ToS.. not sure a refund could/should be granted under those circumstances but if they do then.. cya.

> > > >

> > > > I think he said that be has only been playing a month. If so he may be able to get a chargeback by contacting his bank or card issuer regardless of ANet's return policies.

> > >

> > > a refund from anet and a charge back are different beasts.. charge back and anet will blacklist and more than likely close your account full stop and blacklist your card from being used on their systems most likely.

> > > If they refund then its entirely plausible that the account will be left open, perhaps downgraded to f2p, but still useable (in 6months time at least :) )

> >

> > Yes, but a refund seems unlikely and it is very easy to acquire a new visa.

>

> hence why I said good luck with the refund :)

>

> As for getting a new visa.. used to be easy.. the world is a changed place these days when it comes to credit, of course a new debit card might be easier to get from another bank but hey.. hoops and loops I guess.

 

You can walk into any chain drug or convenience store in the US and buy a prepaid visa credit/debit card that is indistinguishable (to merchants) from a bank issued credit card. At a minimum I would estimate upwards of 40,000 to 50,000 locations nationwide.

 

May be different in other countries for all I know.

[Deihnyx.6318]

> @"Twoodi.5849" said:

> > @"Deihnyx.6318" said:

> > > @"Twoodi.5849" said:

> > > > @"Deihnyx.6318" said:

> > > > > @"Jinks.2057" said:

> > > > > > @"starhunter.6015" said:

> > > > > >

> > > > > > >

> > > > > > > No they installed spyware on March 6th and removed it on March 27th on all our computers.

> > > > > > >

> > > > > > > You need to do your research and come back when you understand the entire situation

> > > > > >

> > > > > > It was not spyware, it was only checking processes running along with GW2. It scanned for nothing more. It collected no personal information, no location data, no passwords. It is not tracking what web sites you went too. Many MMO's run programs like this to check for cheats and hacks.

> > > > >

> > > > > No it opened each file and read it then sent it back to Anet servers.

> > > > >

> > > > > That is the definition of spyware

> > > > >

> > > > >

> > > > > Read the link to the reddit post

> > > > Read it, yes.

> > > > It sends a list of hashed values, a hash is destructive and you can't get the original content back.

> > > > No "private" information, just a guess of what processes were used, which is required to detect a list of software they don't want you to use.

> > >

> > > Stop posting misinformation

> > >

> > > > They will then go through all processes and get their file names. Those file names are then fed into the very same hash function as before at 0x6F4E90, which will open the respective files, read all their content, create a MD5 hash of it and returns said hash, which are then, again, stored in a list for later use.

> > >

> > > > While the list is submitted in form of hashes, those hashes are not salted, so they are trivially to reverse

> >

> > Do you even read what you post?

> > "create a MD5 hash of it and returns said hash"

> >

> > Seriously.

>

>

> While the list is submitted in form of hashes, those hashes are not salted, so they are trivial to reverse

>

 

A hash IS destructive, you will NOT get the value back. If you believe that I really hope you're not working in any job related with IT.

Encryption, compression, now you get the stuff back, but those are different things.

 

Now, yes, they need the hash of "cheat engine" so that they can compare it with their own hash of "Cheat Engine" and conclude you are using it. That's why it's possible to figure out what processes are running. That's the whole point of this process, that they can detect if you're using something they don't want you to be using.

[Twoodi.5849]

> @"Deihnyx.6318" said:

> > @"Twoodi.5849" said:

> > > @"Deihnyx.6318" said:

> > > > @"Twoodi.5849" said:

> > > > > @"Deihnyx.6318" said:

> > > > > > @"Jinks.2057" said:

> > > > > > > @"starhunter.6015" said:

> > > > > > >

> > > > > > > >

> > > > > > > > No they installed spyware on March 6th and removed it on March 27th on all our computers.

> > > > > > > >

> > > > > > > > You need to do your research and come back when you understand the entire situation

> > > > > > >

> > > > > > > It was not spyware, it was only checking processes running along with GW2. It scanned for nothing more. It collected no personal information, no location data, no passwords. It is not tracking what web sites you went too. Many MMO's run programs like this to check for cheats and hacks.

> > > > > >

> > > > > > No it opened each file and read it then sent it back to Anet servers.

> > > > > >

> > > > > > That is the definition of spyware

> > > > > >

> > > > > >

> > > > > > Read the link to the reddit post

> > > > > Read it, yes.

> > > > > It sends a list of hashed values, a hash is destructive and you can't get the original content back.

> > > > > No "private" information, just a guess of what processes were used, which is required to detect a list of software they don't want you to use.

> > > >

> > > > Stop posting misinformation

> > > >

> > > > > They will then go through all processes and get their file names. Those file names are then fed into the very same hash function as before at 0x6F4E90, which will open the respective files, read all their content, create a MD5 hash of it and returns said hash, which are then, again, stored in a list for later use.

> > > >

> > > > > While the list is submitted in form of hashes, those hashes are not salted, so they are trivially to reverse

> > >

> > > Do you even read what you post?

> > > "create a MD5 hash of it and returns said hash"

> > >

> > > Seriously.

> >

> >

> > While the list is submitted in form of hashes, those hashes are not salted, so they are trivial to reverse

> >

>

> A hash IS destructive, you will NOT get the value back. If you believe that I really hope you're not working in any job related with IT.

> Encryption, compression, now you get the stuff back, but those are different things.

>

> Now, yes, they need the hash of "cheat engine" so that they can compare it with their own hash of "Cheat Engine" and conclude you are using it. That's why it's possible to figure out what processes are running. That's the whole point of this process, that they can detect if you're using something they don't want you to be using.

 

Yes they are but they were unsalted which means you can still match it to databases and see what program it was and sending all that info across the internet is not okay. Hence why blizzards and others use a local database on the users system. It's a lazy "anti-cheat" considering its trivial to compile your own version, something as small as a 1 byte difference means it wont be detected.

 

 

[Malediktus.9250]

> @"Twoodi.5849" said:

> > @"Deihnyx.6318" said:

> > > @"Twoodi.5849" said:

> > > > @"Deihnyx.6318" said:

> > > > > @"Twoodi.5849" said:

> > > > > > @"Deihnyx.6318" said:

> > > > > > > @"Jinks.2057" said:

> > > > > > > > @"starhunter.6015" said:

> > > > > > > >

> > > > > > > > >

> > > > > > > > > No they installed spyware on March 6th and removed it on March 27th on all our computers.

> > > > > > > > >

> > > > > > > > > You need to do your research and come back when you understand the entire situation

> > > > > > > >

> > > > > > > > It was not spyware, it was only checking processes running along with GW2. It scanned for nothing more. It collected no personal information, no location data, no passwords. It is not tracking what web sites you went too. Many MMO's run programs like this to check for cheats and hacks.

> > > > > > >

> > > > > > > No it opened each file and read it then sent it back to Anet servers.

> > > > > > >

> > > > > > > That is the definition of spyware

> > > > > > >

> > > > > > >

> > > > > > > Read the link to the reddit post

> > > > > > Read it, yes.

> > > > > > It sends a list of hashed values, a hash is destructive and you can't get the original content back.

> > > > > > No "private" information, just a guess of what processes were used, which is required to detect a list of software they don't want you to use.

> > > > >

> > > > > Stop posting misinformation

> > > > >

> > > > > > They will then go through all processes and get their file names. Those file names are then fed into the very same hash function as before at 0x6F4E90, which will open the respective files, read all their content, create a MD5 hash of it and returns said hash, which are then, again, stored in a list for later use.

> > > > >

> > > > > > While the list is submitted in form of hashes, those hashes are not salted, so they are trivially to reverse

> > > >

> > > > Do you even read what you post?

> > > > "create a MD5 hash of it and returns said hash"

> > > >

> > > > Seriously.

> > >

> > >

> > > While the list is submitted in form of hashes, those hashes are not salted, so they are trivial to reverse

> > >

> >

> > A hash IS destructive, you will NOT get the value back. If you believe that I really hope you're not working in any job related with IT.

> > Encryption, compression, now you get the stuff back, but those are different things.

> >

> > Now, yes, they need the hash of "cheat engine" so that they can compare it with their own hash of "Cheat Engine" and conclude you are using it. That's why it's possible to figure out what processes are running. That's the whole point of this process, that they can detect if you're using something they don't want you to be using.

>

> Yes they are but they were unsalted which means you can still match it to databases and see what program it was and sending all that info across the internet is not okay. Hence why blizzards and others use a local database on the users system. It's a lazy "anti-cheat" considering its trivial to compile your own version, something as small as a 1 byte difference means it wont be detected.

>

>

 

It is getting old. A method that catches 90% of the cheaters is still better than nothing. Salting this kind of information would be a waste of CPU time and energy.

[Deihnyx.6318]

> @"Twoodi.5849" said:

> > @"Deihnyx.6318" said:

> > > @"Twoodi.5849" said:

> > > > @"Deihnyx.6318" said:

> > > > > @"Twoodi.5849" said:

> > > > > > @"Deihnyx.6318" said:

> > > > > > > @"Jinks.2057" said:

> > > > > > > > @"starhunter.6015" said:

> > > > > > > >

> > > > > > > > >

> > > > > > > > > No they installed spyware on March 6th and removed it on March 27th on all our computers.

> > > > > > > > >

> > > > > > > > > You need to do your research and come back when you understand the entire situation

> > > > > > > >

> > > > > > > > It was not spyware, it was only checking processes running along with GW2. It scanned for nothing more. It collected no personal information, no location data, no passwords. It is not tracking what web sites you went too. Many MMO's run programs like this to check for cheats and hacks.

> > > > > > >

> > > > > > > No it opened each file and read it then sent it back to Anet servers.

> > > > > > >

> > > > > > > That is the definition of spyware

> > > > > > >

> > > > > > >

> > > > > > > Read the link to the reddit post

> > > > > > Read it, yes.

> > > > > > It sends a list of hashed values, a hash is destructive and you can't get the original content back.

> > > > > > No "private" information, just a guess of what processes were used, which is required to detect a list of software they don't want you to use.

> > > > >

> > > > > Stop posting misinformation

> > > > >

> > > > > > They will then go through all processes and get their file names. Those file names are then fed into the very same hash function as before at 0x6F4E90, which will open the respective files, read all their content, create a MD5 hash of it and returns said hash, which are then, again, stored in a list for later use.

> > > > >

> > > > > > While the list is submitted in form of hashes, those hashes are not salted, so they are trivially to reverse

> > > >

> > > > Do you even read what you post?

> > > > "create a MD5 hash of it and returns said hash"

> > > >

> > > > Seriously.

> > >

> > >

> > > While the list is submitted in form of hashes, those hashes are not salted, so they are trivial to reverse

> > >

> >

> > A hash IS destructive, you will NOT get the value back. If you believe that I really hope you're not working in any job related with IT.

> > Encryption, compression, now you get the stuff back, but those are different things.

> >

> > Now, yes, they need the hash of "cheat engine" so that they can compare it with their own hash of "Cheat Engine" and conclude you are using it. That's why it's possible to figure out what processes are running. That's the whole point of this process, that they can detect if you're using something they don't want you to be using.

>

> Yes they are but they were unsalted which means you can still match it to databases and see what program it was and sending all that info across the internet is not okay. Hence why blizzards and others use a local database on the users system. It's a lazy "anti-cheat" considering its trivial to compile your own version, something as small as a 1 byte difference means it wont be detected.

>

>

 

That's correct, it's flawed and not as effective as it could be, however there is no breach of security like some people claim. They won't get your private info, the text you're writing or anything with that.

And the problem here is less what they could have done better but rather the opportunism some people use right now to jump at anet throat for doing something that their own OS is doing, that their search engine is doing (edit: not hashing, but monitoring what you do in general), and that generally a lot of programs will do without exactly bothering to tell you.

It is not "personal data", does not contain passwords, usernames, emails, credit card, addresses, or anything like that.

I can't take people seriously when they get outraged about that right after they got banned. The should be using tails for all their super secret stuff then.

[Nightlark.4029]

> @"Malediktus.9250" said:

> > @"Twoodi.5849" said:

> > > @"Deihnyx.6318" said:

> > > > @"Twoodi.5849" said:

> > > > > @"Deihnyx.6318" said:

> > > > > > @"Twoodi.5849" said:

> > > > > > > @"Deihnyx.6318" said:

> > > > > > > > @"Jinks.2057" said:

> > > > > > > > > @"starhunter.6015" said:

> > > > > > > > >

> > > > > > > > > >

> > > > > > > > > > No they installed spyware on March 6th and removed it on March 27th on all our computers.

> > > > > > > > > >

> > > > > > > > > > You need to do your research and come back when you understand the entire situation

> > > > > > > > >

> > > > > > > > > It was not spyware, it was only checking processes running along with GW2. It scanned for nothing more. It collected no personal information, no location data, no passwords. It is not tracking what web sites you went too. Many MMO's run programs like this to check for cheats and hacks.

> > > > > > > >

> > > > > > > > No it opened each file and read it then sent it back to Anet servers.

> > > > > > > >

> > > > > > > > That is the definition of spyware

> > > > > > > >

> > > > > > > >

> > > > > > > > Read the link to the reddit post

> > > > > > > Read it, yes.

> > > > > > > It sends a list of hashed values, a hash is destructive and you can't get the original content back.

> > > > > > > No "private" information, just a guess of what processes were used, which is required to detect a list of software they don't want you to use.

> > > > > >

> > > > > > Stop posting misinformation

> > > > > >

> > > > > > > They will then go through all processes and get their file names. Those file names are then fed into the very same hash function as before at 0x6F4E90, which will open the respective files, read all their content, create a MD5 hash of it and returns said hash, which are then, again, stored in a list for later use.

> > > > > >

> > > > > > > While the list is submitted in form of hashes, those hashes are not salted, so they are trivially to reverse

> > > > >

> > > > > Do you even read what you post?

> > > > > "create a MD5 hash of it and returns said hash"

> > > > >

> > > > > Seriously.

> > > >

> > > >

> > > > While the list is submitted in form of hashes, those hashes are not salted, so they are trivial to reverse

> > > >

> > >

> > > A hash IS destructive, you will NOT get the value back. If you believe that I really hope you're not working in any job related with IT.

> > > Encryption, compression, now you get the stuff back, but those are different things.

> > >

> > > Now, yes, they need the hash of "cheat engine" so that they can compare it with their own hash of "Cheat Engine" and conclude you are using it. That's why it's possible to figure out what processes are running. That's the whole point of this process, that they can detect if you're using something they don't want you to be using.

> >

> > Yes they are but they were unsalted which means you can still match it to databases and see what program it was and sending all that info across the internet is not okay. Hence why blizzards and others use a local database on the users system. It's a lazy "anti-cheat" considering its trivial to compile your own version, something as small as a 1 byte difference means it wont be detected.

> >

> >

>

> It is getting old. A method that catches 90% of the cheaters is still better than nothing. Salting this kind of information would be a waste of CPU time and energy.

Generating the list of hashes repeatedly is the thing that is a waste of CPU time and energy. Adding a salt would be such a small amount of additional overhead that it might as well be unmeasurable. Sure, catching 90% of the cheaters is good, but not when you have a significant number of false positives and refuse to overturn them with appeals.

[Twoodi.5849]

> @"Malediktus.9250" said:

> > @"Twoodi.5849" said:

> > > @"Deihnyx.6318" said:

> > > > @"Twoodi.5849" said:

> > > > > @"Deihnyx.6318" said:

> > > > > > @"Twoodi.5849" said:

> > > > > > > @"Deihnyx.6318" said:

> > > > > > > > @"Jinks.2057" said:

> > > > > > > > > @"starhunter.6015" said:

> > > > > > > > >

> > > > > > > > > >

> > > > > > > > > > No they installed spyware on March 6th and removed it on March 27th on all our computers.

> > > > > > > > > >

> > > > > > > > > > You need to do your research and come back when you understand the entire situation

> > > > > > > > >

> > > > > > > > > It was not spyware, it was only checking processes running along with GW2. It scanned for nothing more. It collected no personal information, no location data, no passwords. It is not tracking what web sites you went too. Many MMO's run programs like this to check for cheats and hacks.

> > > > > > > >

> > > > > > > > No it opened each file and read it then sent it back to Anet servers.

> > > > > > > >

> > > > > > > > That is the definition of spyware

> > > > > > > >

> > > > > > > >

> > > > > > > > Read the link to the reddit post

> > > > > > > Read it, yes.

> > > > > > > It sends a list of hashed values, a hash is destructive and you can't get the original content back.

> > > > > > > No "private" information, just a guess of what processes were used, which is required to detect a list of software they don't want you to use.

> > > > > >

> > > > > > Stop posting misinformation

> > > > > >

> > > > > > > They will then go through all processes and get their file names. Those file names are then fed into the very same hash function as before at 0x6F4E90, which will open the respective files, read all their content, create a MD5 hash of it and returns said hash, which are then, again, stored in a list for later use.

> > > > > >

> > > > > > > While the list is submitted in form of hashes, those hashes are not salted, so they are trivially to reverse

> > > > >

> > > > > Do you even read what you post?

> > > > > "create a MD5 hash of it and returns said hash"

> > > > >

> > > > > Seriously.

> > > >

> > > >

> > > > While the list is submitted in form of hashes, those hashes are not salted, so they are trivial to reverse

> > > >

> > >

> > > A hash IS destructive, you will NOT get the value back. If you believe that I really hope you're not working in any job related with IT.

> > > Encryption, compression, now you get the stuff back, but those are different things.

> > >

> > > Now, yes, they need the hash of "cheat engine" so that they can compare it with their own hash of "Cheat Engine" and conclude you are using it. That's why it's possible to figure out what processes are running. That's the whole point of this process, that they can detect if you're using something they don't want you to be using.

> >

> > Yes they are but they were unsalted which means you can still match it to databases and see what program it was and sending all that info across the internet is not okay. Hence why blizzards and others use a local database on the users system. It's a lazy "anti-cheat" considering its trivial to compile your own version, something as small as a 1 byte difference means it wont be detected.

> >

> >

>

> It is getting old. A method that catches 90% of the cheaters is still better than nothing. Salting this kind of information would be a waste of CPU time and energy.

 

For you maybe ethically/morally but i prefer a system where 0 innocent people get punished.

 

Like i said for the other programs that were created purely to cheat in GW2, sure they had no legitimate reason to be running those programs. But with Cheat engine the world isn't so black and white and as far as i am aware it's impossible to use it to cheat in GW2 as cheat engine cannot edit server side data.

 

The official cheat engine forums themselves don't even allow users to post tables/tutorials for multiplayer games.

 

 

[Anthony.7630]

Your worried about a mmo video game called guild wars 2 is spying on your computer ?

Spying is everywhere man. Cortana from windows 10 spies on you. So does avast antivirus and other anti viruse softwares. Also google chrome tracks all your search engines on your android or your computers.

 

Android phones are not any better than iphones. Both apple and google / and even amazon take all your information and spy on you.

 

Also email accounts track your messages and know what you're doing sending and searching / buying.

 

The best way to be untrackable is to move to africa and use no technologies and stay away from governments and authorities. Oh and your ID tag for being a citizen tracks you.

 

That's what is happening in 2018. The modernization and global collection / tracking of human data.

[Malediktus.9250]

> @"Nightlark.4029" said:

> > @"Malediktus.9250" said:

> > > @"Twoodi.5849" said:

> > > > @"Deihnyx.6318" said:

> > > > > @"Twoodi.5849" said:

> > > > > > @"Deihnyx.6318" said:

> > > > > > > @"Twoodi.5849" said:

> > > > > > > > @"Deihnyx.6318" said:

> > > > > > > > > @"Jinks.2057" said:

> > > > > > > > > > @"starhunter.6015" said:

> > > > > > > > > >

> > > > > > > > > > >

> > > > > > > > > > > No they installed spyware on March 6th and removed it on March 27th on all our computers.

> > > > > > > > > > >

> > > > > > > > > > > You need to do your research and come back when you understand the entire situation

> > > > > > > > > >

> > > > > > > > > > It was not spyware, it was only checking processes running along with GW2. It scanned for nothing more. It collected no personal information, no location data, no passwords. It is not tracking what web sites you went too. Many MMO's run programs like this to check for cheats and hacks.

> > > > > > > > >

> > > > > > > > > No it opened each file and read it then sent it back to Anet servers.

> > > > > > > > >

> > > > > > > > > That is the definition of spyware

> > > > > > > > >

> > > > > > > > >

> > > > > > > > > Read the link to the reddit post

> > > > > > > > Read it, yes.

> > > > > > > > It sends a list of hashed values, a hash is destructive and you can't get the original content back.

> > > > > > > > No "private" information, just a guess of what processes were used, which is required to detect a list of software they don't want you to use.

> > > > > > >

> > > > > > > Stop posting misinformation

> > > > > > >

> > > > > > > > They will then go through all processes and get their file names. Those file names are then fed into the very same hash function as before at 0x6F4E90, which will open the respective files, read all their content, create a MD5 hash of it and returns said hash, which are then, again, stored in a list for later use.

> > > > > > >

> > > > > > > > While the list is submitted in form of hashes, those hashes are not salted, so they are trivially to reverse

> > > > > >

> > > > > > Do you even read what you post?

> > > > > > "create a MD5 hash of it and returns said hash"

> > > > > >

> > > > > > Seriously.

> > > > >

> > > > >

> > > > > While the list is submitted in form of hashes, those hashes are not salted, so they are trivial to reverse

> > > > >

> > > >

> > > > A hash IS destructive, you will NOT get the value back. If you believe that I really hope you're not working in any job related with IT.

> > > > Encryption, compression, now you get the stuff back, but those are different things.

> > > >

> > > > Now, yes, they need the hash of "cheat engine" so that they can compare it with their own hash of "Cheat Engine" and conclude you are using it. That's why it's possible to figure out what processes are running. That's the whole point of this process, that they can detect if you're using something they don't want you to be using.

> > >

> > > Yes they are but they were unsalted which means you can still match it to databases and see what program it was and sending all that info across the internet is not okay. Hence why blizzards and others use a local database on the users system. It's a lazy "anti-cheat" considering its trivial to compile your own version, something as small as a 1 byte difference means it wont be detected.

> > >

> > >

> >

> > It is getting old. A method that catches 90% of the cheaters is still better than nothing. Salting this kind of information would be a waste of CPU time and energy.

> Generating the list of hashes repeatedly is the thing that is a waste of CPU time and energy. Adding a salt would be such a small amount of additional overhead that it might as well be unmeasurable. Sure, catching 90% of the cheaters is good, but not when you have a significant number of false positives and refuse to overturn them with appeals.

 

But there are no false positives. If you cheat in one game you are prone to cheating and should be kept out of online games.

Also the hashing is nothing to a modern CPU, so if it happens let's say every 5min or so it will cosnume like 0.01% of your CPU time.

I just run a benchmark and my CPU can handle hashing 11.7 GB data per second of simple algorithms like MD5.

Even the most complex algorithms my benchmark tool has still reach 1 GB of data hashed per second.

[Shikigami.4013]

There were no false positives. People were suspended for having cheat engine (or a few other programs) open over a significant amount of time during a period of weeks while playing GW2, and that is was what all of them did. Even this guy who wanted to make everyone believe that he never even used the program since starting to play GW2 by citing the "last modified" date for the program was called out by me because the "last modified" date does not change when running the program, only when the file is actually modified. He then suddenly changed his story to the usual "he may have used it while playing GW2 but not for cheating in GW2".

 

They were not suspended for cheating in GW2, nor is a suspension despite not having cheated "not justified", because they can suspend whoever they want and do not need proof or "justification" (as stated dozens of times already in this thread and constantly being ignored).

[Belorn.2659]

> @"Anthony.7630" said:

> Your worried about a mmo video game called guild wars 2 is spying on your computer ?

> Spying is everywhere man. Cortana from windows 10 spies on you. So does avast antivirus and other anti viruse softwares. Also google chrome tracks all your search engines on your android or your computers.

>

> Android phones are not any better than iphones. Both apple and google / and even amazon take all your information and spy on you.

>

> Also email accounts track your messages and know what you're doing sending and searching / buying.

>

> The best way to be untrackable is to move to africa and use no technologies and stay away from governments and authorities. Oh and your ID tag for being a citizen tracks you.

>

> That's what is happening in 2018. The modernization and global collection / tracking of human data.

 

And this is good and we should celebrate that a game developer do this, because...?

 

There is a lot of bad things happening in the world. I would prefer that a game company avoid doing harm when there is no reason to do it and a very easy solution to do harm reduction. Do not store data that is not related to the cheat tools. Delete it any unrelated data that got caught by the spyware code. Reassure your players that information won't be suddenly leaked because the data is permanently deleted.

[Shikigami.4013]

> @"Belorn.2659" said:

> > @"Anthony.7630" said:

> > Your worried about a mmo video game called guild wars 2 is spying on your computer ?

> > Spying is everywhere man. Cortana from windows 10 spies on you. So does avast antivirus and other anti viruse softwares. Also google chrome tracks all your search engines on your android or your computers.

> >

> > Android phones are not any better than iphones. Both apple and google / and even amazon take all your information and spy on you.

> >

> > Also email accounts track your messages and know what you're doing sending and searching / buying.

> >

> > The best way to be untrackable is to move to africa and use no technologies and stay away from governments and authorities. Oh and your ID tag for being a citizen tracks you.

> >

> > That's what is happening in 2018. The modernization and global collection / tracking of human data.

>

> And this is good and we should celebrate that a game developer do this, because...?

>

> There is a lot of bad things happening in the world. I would prefer that a game company avoid doing harm when there is no reason to do it and a very easy solution to do harm reduction. Do not store data that is not related to the cheat tools. Delete it any unrelated data that got caught by the spyware code. Reassure your players that information won't be suddenly leaked because the data is permanently deleted.

 

They don't even know who you are. How would they leak anything that could harm you if they have no personal info about you anyway? All purchases are handled by DigitalRiver, which is a company that is not connected to ArenaNet in any other way than handling the commercial transactions for them. ArenaNet knows that you are Belorn.2659 and an email address you used to sign up (which is probably hosted anonymously because people concerned that much about their privacy would likely not use an email that is publicly tied to their realworld identity). When you purchase something, DigitalRiver handles your data and just notifies ArenaNet in an automated process if the payment was successful or not. They do not send your 20 Dollar to ArenaNet with a note attached saying "These 20 dollar come from John Doe, age 22, living in randomstreet 123, randomtown who used the credit card with the numer 1234-4321-1234-4321 to pay.

 

Is a gameaccount name and the name of a process found running on your pc too much information for your taste so that you fear you could be "harmed" if the hypothetical fact that Belorn.2659 used a program called cheat engine on his PC in march 2018, would leak to the internet? Maybe you could tell us what exactly you are afraid of that could happen.

[Obtena.7952]

> @"Twoodi.5849" said:

> > @"Malediktus.9250" said:

> > > @"Twoodi.5849" said:

> > > > @"Deihnyx.6318" said:

> > > > > @"Twoodi.5849" said:

> > > > > > @"Deihnyx.6318" said:

> > > > > > > @"Twoodi.5849" said:

> > > > > > > > @"Deihnyx.6318" said:

> > > > > > > > > @"Jinks.2057" said:

> > > > > > > > > > @"starhunter.6015" said:

> > > > > > > > > >

> > > > > > > > > > >

> > > > > > > > > > > No they installed spyware on March 6th and removed it on March 27th on all our computers.

> > > > > > > > > > >

> > > > > > > > > > > You need to do your research and come back when you understand the entire situation

> > > > > > > > > >

> > > > > > > > > > It was not spyware, it was only checking processes running along with GW2. It scanned for nothing more. It collected no personal information, no location data, no passwords. It is not tracking what web sites you went too. Many MMO's run programs like this to check for cheats and hacks.

> > > > > > > > >

> > > > > > > > > No it opened each file and read it then sent it back to Anet servers.

> > > > > > > > >

> > > > > > > > > That is the definition of spyware

> > > > > > > > >

> > > > > > > > >

> > > > > > > > > Read the link to the reddit post

> > > > > > > > Read it, yes.

> > > > > > > > It sends a list of hashed values, a hash is destructive and you can't get the original content back.

> > > > > > > > No "private" information, just a guess of what processes were used, which is required to detect a list of software they don't want you to use.

> > > > > > >

> > > > > > > Stop posting misinformation

> > > > > > >

> > > > > > > > They will then go through all processes and get their file names. Those file names are then fed into the very same hash function as before at 0x6F4E90, which will open the respective files, read all their content, create a MD5 hash of it and returns said hash, which are then, again, stored in a list for later use.

> > > > > > >

> > > > > > > > While the list is submitted in form of hashes, those hashes are not salted, so they are trivially to reverse

> > > > > >

> > > > > > Do you even read what you post?

> > > > > > "create a MD5 hash of it and returns said hash"

> > > > > >

> > > > > > Seriously.

> > > > >

> > > > >

> > > > > While the list is submitted in form of hashes, those hashes are not salted, so they are trivial to reverse

> > > > >

> > > >

> > > > A hash IS destructive, you will NOT get the value back. If you believe that I really hope you're not working in any job related with IT.

> > > > Encryption, compression, now you get the stuff back, but those are different things.

> > > >

> > > > Now, yes, they need the hash of "cheat engine" so that they can compare it with their own hash of "Cheat Engine" and conclude you are using it. That's why it's possible to figure out what processes are running. That's the whole point of this process, that they can detect if you're using something they don't want you to be using.

> > >

> > > Yes they are but they were unsalted which means you can still match it to databases and see what program it was and sending all that info across the internet is not okay. Hence why blizzards and others use a local database on the users system. It's a lazy "anti-cheat" considering its trivial to compile your own version, something as small as a 1 byte difference means it wont be detected.

> > >

> > >

> >

> > It is getting old. A method that catches 90% of the cheaters is still better than nothing. Salting this kind of information would be a waste of CPU time and energy.

>

> For you maybe ethically/morally but i prefer a system where 0 innocent people get punished.

 

There is no system that will do that. If Anet errs on one side, they a few innocents. If they err on the other, a whole game of legit players are affected by cheaters that got missed. Which one do you think Anet will take EVERY time. That's why the risk to use these programs is on the PLAYER.

[usnedward.9023]

> @"Bloodstealer.5978" said:

> Very well measured and honest response .. that takes some doing under these circumstances so I pat you on the back for that.. though I don't support what you did, owning up to ones actions isn't really an easy thing to d so I wish you luck going forward.

>

Ha...I don't support what I did either.

> Gailes response did turn this thread in another direction.. for sure.

>

Yes it did!

> The same players proclaiming innocence were originally telling us all that they only use 3rd party software listed as useable by ANET.. arcdps, taco.. then all of a sudden that changed to .. "but I only run Cheat engine, I don't use it in game but I wont say why I had it installed, why it was running alongside GW2 or what they actually use it for if not to cheat"

> So its kinda refreshing to see you stand up and take it on the chin like you have.

I did not use cheat engine though long ago I did for like a Microsoft Pinball game in like the late 90's lol. I used a known dll hack /sadface.

People stating that cheatengine is not a "cheating" tool is incorrect. You use to read memory AND you can change that memory if you know what are you doing on the client side amongst other uses. It's not an easy process but a process none the less that COULD be used to modify the client side in memory. So like you stated, if people have it they are most undoubtedly cheating. There is no purpose to run it if you are not using it.

 

[Nightlark.4029]

Wow. You guys are really pessimistic about human nature, and very optimistic about how infallible ANet is.

 

> @"Malediktus.9250" said:

> But there are no false positives. If you cheat in one game you are prone to cheating and should be kept out of online games.

> Also the hashing is nothing to a modern CPU, so if it happens let's say every 5min or so it will cosnume like 0.01% of your CPU time.

> I just run a benchmark and my CPU can handle hashing 11.7 GB data per second of simple algorithms like MD5.

> Even the most complex algorithms my benchmark tool has still reach 1 GB of data hashed per second.

Calculating the hash might be a relatively cheap operation for the CPU (depends how often they ran it -- some people experiencing worse performance makes me believe they did it much more frequently than 5 min, I haven't played in the past few months, and I haven't dug into the executable yet to find out how often it ran). However, it was reading the programs as they are stored on the disk, which most definitely cannot handle 11.7 GB of data per second -- SSDs can handle ~650MB/s; a laptop drive might be able to handle 80-160MB/s in a good case, but could extremely low (1MB/s) with random access of small files.

 

> @"Shikigami.4013" said:

> There were no false positives. People were suspended for having cheat engine (or a few other programs) open over a significant amount of time during a period of weeks while playing GW2, and that is was what all of them did. Even this guy who wanted to make everyone believe that he never even used the program since starting to play GW2 by citing the "last modified" date for the program was called out by me because the "last modified" date does not change when running the program, only when the file is actually modified. He then suddenly changed his story to the usual "he may have used it while playing GW2 but not for cheating in GW2".

Most of the other programs yea, pretty obvious they're cheating. However Cheat Engine (despite the name) has legitimate uses, which includes people doing their jobs working in InfoSec (not writing bots); some reports seem to indicate that even logging in just for dailies was enough time to get banned.

 

> @"Shikigami.4013" said:

> They were not suspended for cheating in GW2, nor is a suspension despite not having cheated "not justified", because they can suspend whoever they want and do not need proof or "justification" (as stated dozens of times already in this thread and constantly being ignored).

Great, so you'd be fine if ANet just banned you for having a web browser tab open with a news article whose headline says "big company got **HACKED** and lost a bunch of user data", because the window title has the word "hack" in it.

[SkyShroud.2865]

> @"Malediktus.9250" said:

> > @"Nightlark.4029" said:

> > > @"Malediktus.9250" said:

> > > > @"Twoodi.5849" said:

> > > > > @"Deihnyx.6318" said:

> > > > > > @"Twoodi.5849" said:

> > > > > > > @"Deihnyx.6318" said:

> > > > > > > > @"Twoodi.5849" said:

> > > > > > > > > @"Deihnyx.6318" said:

> > > > > > > > > > @"Jinks.2057" said:

> > > > > > > > > > > @"starhunter.6015" said:

> > > > > > > > > > >

> > > > > > > > > > > >

> > > > > > > > > > > > No they installed spyware on March 6th and removed it on March 27th on all our computers.

> > > > > > > > > > > >

> > > > > > > > > > > > You need to do your research and come back when you understand the entire situation

> > > > > > > > > > >

> > > > > > > > > > > It was not spyware, it was only checking processes running along with GW2. It scanned for nothing more. It collected no personal information, no location data, no passwords. It is not tracking what web sites you went too. Many MMO's run programs like this to check for cheats and hacks.

> > > > > > > > > >

> > > > > > > > > > No it opened each file and read it then sent it back to Anet servers.

> > > > > > > > > >

> > > > > > > > > > That is the definition of spyware

> > > > > > > > > >

> > > > > > > > > >

> > > > > > > > > > Read the link to the reddit post

> > > > > > > > > Read it, yes.

> > > > > > > > > It sends a list of hashed values, a hash is destructive and you can't get the original content back.

> > > > > > > > > No "private" information, just a guess of what processes were used, which is required to detect a list of software they don't want you to use.

> > > > > > > >

> > > > > > > > Stop posting misinformation

> > > > > > > >

> > > > > > > > > They will then go through all processes and get their file names. Those file names are then fed into the very same hash function as before at 0x6F4E90, which will open the respective files, read all their content, create a MD5 hash of it and returns said hash, which are then, again, stored in a list for later use.

> > > > > > > >

> > > > > > > > > While the list is submitted in form of hashes, those hashes are not salted, so they are trivially to reverse

> > > > > > >

> > > > > > > Do you even read what you post?

> > > > > > > "create a MD5 hash of it and returns said hash"

> > > > > > >

> > > > > > > Seriously.

> > > > > >

> > > > > >

> > > > > > While the list is submitted in form of hashes, those hashes are not salted, so they are trivial to reverse

> > > > > >

> > > > >

> > > > > A hash IS destructive, you will NOT get the value back. If you believe that I really hope you're not working in any job related with IT.

> > > > > Encryption, compression, now you get the stuff back, but those are different things.

> > > > >

> > > > > Now, yes, they need the hash of "cheat engine" so that they can compare it with their own hash of "Cheat Engine" and conclude you are using it. That's why it's possible to figure out what processes are running. That's the whole point of this process, that they can detect if you're using something they don't want you to be using.

> > > >

> > > > Yes they are but they were unsalted which means you can still match it to databases and see what program it was and sending all that info across the internet is not okay. Hence why blizzards and others use a local database on the users system. It's a lazy "anti-cheat" considering its trivial to compile your own version, something as small as a 1 byte difference means it wont be detected.

> > > >

> > > >

> > >

> > > It is getting old. A method that catches 90% of the cheaters is still better than nothing. Salting this kind of information would be a waste of CPU time and energy.

> > Generating the list of hashes repeatedly is the thing that is a waste of CPU time and energy. Adding a salt would be such a small amount of additional overhead that it might as well be unmeasurable. Sure, catching 90% of the cheaters is good, but not when you have a significant number of false positives and refuse to overturn them with appeals.

>

> But there are no false positives. If you cheat in one game you are prone to cheating and should be kept out of online games.

> Also the hashing is nothing to a modern CPU, so if it happens let's say every 5min or so it will cosnume like 0.01% of your CPU time.

> I just run a benchmark and my CPU can handle hashing 11.7 GB data per second of simple algorithms like MD5.

> Even the most complex algorithms my benchmark tool has still reach 1 GB of data hashed per second.

 

You know you made a generalization remark right? Depend on how you use that logic, you know you can turn it pretty ugly, right? And if said you selectively apply that principle, then, you know your point is immediately mooted, right?

[Tom Bombadil.6310]

My guess: most of the people complaining about getting banned are just trying to stir up drama in hopes of getting a lesser sentence!

You got caught with your hands in the cookie jar! Deal with it and pay the piper, hopefully learn a thing or two for the next time you think about cheating in a game!

[Shikigami.4013]

> @"Nightlark.4029" said:

> Great, so you'd be fine if ANet just banned you for having a web browser tab open with a news article whose headline says "big company got **HACKED** and lost a bunch of user data", because the window title has the word "hack" in it.

 

We can talk about that when it happens. But it will not. Because all those hypothetical scenarios of what horrible things might happen to completely innocent people are nonsense.

 

I would however be fine with getting banned (suspended) for running cheat software on my PC while playing GW2, just like I would be fine with not being allowed on a plane with a bread knife.

 

 

[Nightlark.4029]

> @"Shikigami.4013" said:

> > @"Nightlark.4029" said:

> > Great, so you'd be fine if ANet just banned you for having a web browser tab open with a news article whose headline says "big company got **HACKED** and lost a bunch of user data", because the window title has the word "hack" in it.

>

> We can talk about that when it happens. But it will not. Because all those hypothetical scenarios of what horrible things might happen to completely innocent people are nonsense.

>

>

Except that those hypothetical scenarios of what horrible things might happen to completely innocent people are not nonsense, because they happened to some of the people that had Cheat Engine open. It is a tool with many features, yes typically used for cheating (its developers don't endorse use in multiplayer games, only single player games), but like all tools, it also legitimate business purposes. The way ANet detected Cheat Engine was the equivalent of banning based on you having a browser tab open with the word "hack" in it. Sure, you could have had that browser tab open to learn how to "hack" a game like Guild Wars, but there are thousands of other reasons why that browser tab could have been open.

 

Also, a lot of people have a tendency (myself included), to leave light-weight programs open in the background for long periods of time, even when not actively using them. Combine the legitimate uses for Cheat Engine (or any debugger) with that tendency, and you have false positives.

[SkyShroud.2865]

Btw, I also recall that anet banned all accounts with common IP. In that case, there are possibilities of people who happened to share the common IP due to their ISP's design, which is actually a common design where ISP just dump a list of IPs to a list of subscribers (in specific areas) to use, are banned thus this may explain why some people complained they did not use any mentioned softwares yet got banned.

[Nightlark.4029]

> @"usnedward.9023" said:

> People stating that cheatengine is not a "cheating" tool is incorrect. You use to read memory AND you can change that memory if you know what are you doing on the client side amongst other uses. It's not an easy process but a process none the less that COULD be used to modify the client side in memory. So like you stated, if people have it they are most undoubtedly cheating. There is no purpose to run it if you are not using it.

Uh... you obviously aren't in the field of computer security. Other uses for Cheat Engine that aren't cheating are a debugger for figuring out why a program is broken, and seeing what malware is doing.

 

I don't think I need to point out that your last 2 lines are false -- however, even if you are using it for cheating, you could be using it to cheat in a single player game and never use it to cheat in GW2. Again, the check ANet did for simply seeing if Cheat Engine was running is overly broad -- at minimum they should have included a check to see if an open handle to GW2 was being used by Cheat Engine.