• 51 results
  • 1
  • 2
#1 Edited by Dezztroy (941 posts) -

So some tech-savvy people have found that the browser plugins Uplay installs for you (without asking or telling you, mind you) have some Rootkit-like capabilities. Namely, it can execute any application on your computer without asking you, and then proceed to give those applications input. All of this from you simply visiting a link.
 
http://news.ycombinator.com/item?id=4311264
http://seclists.org/fulldisclosure/2012/Jul/375
The first link includes a proof-of-concept page which shows you how it can work, provided you have Uplay installed.
 
So yeah, if you've ever played any Ubisoft games on your PC, you probably want to disable the Uplay plugins and/or uninstall Uplay completely. Like, now.
 
They've forced all of their customers to install an extreme security risk just to play their games. But hey, atleast they kept their games from being pirated for a few days, right?

#2 Posted by PillClinton (3358 posts) -

This is why anti-piracy tactics by publishers are horrible, horrible things: they make everything worse and more difficult for the honest paying consumer. Meanwhile, pirates will ALWAYS manage to pirate the games. What a fucking pointless endeavor.

#3 Posted by Khann (3138 posts) -

fucking Ubisoft cunts

#4 Posted by MooseyMcMan (12013 posts) -

This makes me glad I only play Ubisoft games on consoles.

#5 Posted by Gnubberen (826 posts) -

Not cool..

#6 Posted by perilator666 (502 posts) -

i started boycotting ubisoft years ago. thank fuck for that.

#7 Posted by zyn (2765 posts) -

I saw this on the Steam forums; yeah, not cool.

#8 Posted by joshthebear (2704 posts) -

This somehow does not surprise me.

#9 Posted by Brodehouse (10652 posts) -

Sounds like they couldn't make it launch programs properly and took a nuclear approach.

#10 Posted by Vodun (2393 posts) -

Gaaah, I just wish they'd publish shit games so I could avoid them...curses!

#11 Posted by Dagbiker (7022 posts) -

Ubisoft has always had subpar programming. Im just glad I never installed Anno, or any other Ubi game on my new computer.

#12 Posted by mak_wikus (644 posts) -

I wanted to uninstall Ubisoft Game Launcher, but it told me that doing so will result in removing ALL OF MY SAVEGAMES. Fuck, you, Ubisoft. Jesus.

#14 Posted by ErgoMeSmart (49 posts) -

Yeah, it seems there's no real need to panic and uninstall UPlay, losing all your saves. Just uninstall the browser plug-in and all should be fine.

It's a fuck up, but not as major as people thought at first.

#15 Posted by Mr_Skeleton (5195 posts) -

@Gizmo said:

That's why I only SkidROW my Ubisoft PC games.

You don't have to play them...

#16 Posted by Dezztroy (941 posts) -
@ErgoMeSmart said:

Yeah, it seems there's no real need to panic and uninstall UPlay, losing all your saves. Just uninstall the browser plug-in and all should be fine.

It's a fuck up, but not as major as people thought at first.

While it is easy to disable the plugins, it is definitely as major as people make it out to be.
#17 Posted by ZeForgotten (10368 posts) -

Ubisoft is not the only ones who makes stuff do this. 
Anyways, as others have said, easy to just disable it and move on with our lives. 
It's not like it downloaded porn to my PC or killed my dog.. yet. 

#18 Posted by Matfei90 (1279 posts) -

Hmm. I have Anno 2070 on my PC and just checked for the firefox plugins, and can't see them.

#19 Edited by TMThomsen (2072 posts) -

Now I kinda regret buying Assassin's Creed Revelation during the Steam sale :/

#20 Edited by BeachThunder (13306 posts) -

Well, thankfully, I have none of those games.

BTW, this is the list of games, if you don't want to click the link:

  • Assassin's Creed II
  • Assassin's Creed: Brotherhood
  • Assassin's Creed: Project Legacy
  • Assassin's Creed Revelations
  • Assassin's Creed III
  • Beowulf: The Game
  • Brothers in Arms: Furious 4
  • Call of Juarez: The Cartel
  • Driver: San Francisco
  • Heroes of Might and Magic VI
  • Just Dance 3
  • Prince of Persia: The Forgotten Sands
  • Pure Football
  • R.U.S.E.
  • Shaun White Skateboarding
  • Silent Hunter 5: Battle of the Atlantic
  • The Settlers 7: Paths to a Kingdom
  • Tom Clancy's H.A.W.X. 2
  • Tom Clancy's Ghost Recon: Future Soldier
  • Tom Clancy's Splinter Cell: Conviction
  • Your Shape: Fitness Evolved
  • Online
    #21 Posted by TaliciaDragonsong (8734 posts) -

    Ubifail.
     
    I never bought any Ubisoft product on pc since they started this nonsense.
    Vote with the wallet etc.

    #22 Posted by Aetheldod (3914 posts) -

    I only have farcry 2 and its not on the list and I couldn´t find an plug ins ..... fiuh.... Im never buying an ubisoft game again

    #23 Posted by AlexW00d (6803 posts) -

    I have Splinter Cell on here, but no uplay plugin. Suck it Ubisoft.

    #24 Posted by Deranged (1944 posts) -

    @MooseyMcMan said:

    This makes me glad I only play Ubisoft games on consoles.

    #25 Edited by Humanity (11853 posts) -

    Why are people saying Ubisoft are a bunch of cunts as opposed to the people who worked on a way to fuck with others through a loophole in programming?

    I'm sure Ubisoft wasn't sitting down in HQ rubbing their hands together thinking up of ways to fuck with their consumers. Their copy protection is somewhat unfortunate but this isn't really THEIR fault as much as you getting computer viruses through Windows isn't directly Bill Gates' fault. There are some malicious people who will look for ways to exploit any system and then make use of that knowledge to mess with innocent people - and they are the ones who are truly at fault.

    #26 Posted by Village_Guy (2795 posts) -

    Oh no how horrible... I don't really care, that doesn't seem directly offensive, and the poor security surrounding it makes it easy to disable, should you so desire.

    When I clicked this thread I expected something truly disgusting, but this left me pretty indifferent.

    #27 Posted by JamesG (67 posts) -

    @Matfei90 said:

    Hmm. I have Anno 2070 on my PC and just checked for the firefox plugins, and can't see them.

    You should see them here.

    #28 Edited by Laiv162560asse (488 posts) -
    @Humanity said:

    There are some malicious people who will look for ways to exploit any system and then make use of that knowledge to mess with innocent people...

    That is exactly why nobody really cares about them, because that malicious element will always exist no matter what anyone does. Raging at them is a waste of breath. However, companies who make their customers jump through needless hoops, and in doing so make their customers vulnerable to those 'malicious people', are not something that anybody has to put up with. And the act of deciding not to put up with it usually just takes the form of saying 'Fuck off, Ubisoft, never again'.
    #29 Posted by BaneFireLord (3095 posts) -

    Are there any publishers left that we shouldn't be boycotting for some reason or other?

    #30 Posted by Dagbiker (7022 posts) -
    @SoothsayerGB what if im using internet explorer
    #31 Edited by Fattony12000 (7969 posts) -
    DRM and malware free since 1985
    #32 Posted by kindnivore (2954 posts) -

    The magnitude of this whole thing is flying over my head, anyone care to enlighten me on the subject of why it's catastrophic?

    #33 Posted by Dezztroy (941 posts) -
    @Village_Guy said:

    Oh no how horrible... I don't really care, that doesn't seem directly offensive, and the poor security surrounding it makes it easy to disable, should you so desire.

    When I clicked this thread I expected something truly disgusting, but this left me pretty indifferent.

    If a major publisher basically putting a backdoor for potential hackers on every single one of their customers' computers leaves you indifferent, I'm not sure what kind of news you were expecting.
    #34 Posted by Kidavenger (3923 posts) -

    I have chrome and I don't have that plugin installed, the only Ubisoft game I've ever played are The Settlers 7: Paths to a Kingdom (which had the uplay drm crap) and Castle Empire Online (which was browser based but not uplay).

    Seems like I should have this, I haven't played either game in almost a year, maybe the plugin is something recent.

    #35 Edited by Dezztroy (941 posts) -
    @Kidavenger said:

    I have chrome and I don't have that plugin installed, the only Ubisoft game I've ever played are The Settlers 7: Paths to a Kingdom (which had the uplay drm crap) and Castle Empire Online (which was browser based but not uplay).

    Seems like I should have this, I haven't played either game in almost a year, maybe the plugin is something recent.

    Run the "test exploit" to see if you have it or not. It might be something fairly recent as well, I've no idea.
     
    Edit: It seems they've now patched Uplay to adress this issue.
    #36 Posted by Ravenlight (8057 posts) -

    @Dagbiker said:

    @SoothsayerGB what if im using internet explorer

    Then you've got a whole different slew of infection vectors to worry about :P

    #37 Posted by Funkydupe (3458 posts) -

    Lets not use Uplay. It is a silly program.

    #38 Edited by DeadVillager (80 posts) -

    Well, Heroes VI was a disappointment and Splinter Cell: Conviction's co-op never worked for me, so I already had enough reasons to regret both of those purchases. Now I feel pretty comfortable never buying a product from them again, though.

    #39 Posted by buft (3409 posts) -

    @TMThomsen said:

    Now I kinda regret buying Assassin's Creed Revelation during the Steam sale :/

    ditto

    #40 Posted by BlackLagoon (1770 posts) -

    @Dezztroy said:

    So some tech-savvy people have found that the browser plugins Uplay installs for you (without asking or telling you, mind you) have some Rootkit-like capabilities. Namely, it can execute any application on your computer without asking you, and then proceed to give those applications input. All of this from you simply visiting a link.

    I think calling it a rootkit is a misnomer - what differentiates a rootkit from other malware is that it hooks deep into the operating system and alters self monitoring outputs to hide that the computer has been compromized. There's no evidence of any such "stealth" capability, just a sloppily made browser plugin with a big fat security hole.

    #41 Posted by cheapandtacky (133 posts) -

    @Dagbiker: settings menu> manage addons

    #42 Posted by iam3green (14368 posts) -

    wow that is horrible. i don't buy ubisoft games on pc as of DRM. a lot of companies like to put DRM in it.

    #43 Edited by MrKlorox (11142 posts) -

    Uh.... it's been fixed ya'll. Launch a Ubisoft game and the client will update itself with the fix.
     
    edit: Also I never had any Uplay plugin show up in Firefox, despite having a few UPlay games installed. The most recent being Driver San Francisco. I had to launch the game from steam to even get to UPLay.

    #44 Posted by Matfei90 (1279 posts) -
    @JamesG said:

    @Matfei90 said:

    Hmm. I have Anno 2070 on my PC and just checked for the firefox plugins, and can't see them.

    You should see them here.

    Yes, I know how to access my firefox plugins. And like I said, nothing uplay related shows up.
    #45 Posted by Demoskinos (16436 posts) -

    Only Ubi games I have are the Far Cry games both I think don't have the Uplay nonsense.

    #46 Posted by Hizang (9359 posts) -

    I miss days where you turn a console on, put in a game and it just goes.

    #47 Posted by AssInAss (3090 posts) -

    @Hizang said:

    I miss days where you turn a console on, put in a game and it just goes.

    You can still do that...

    This is about the PC.

    #48 Posted by LiquidPrince (16518 posts) -

    @Gizmo said:

    That's why I only SkidROW my Ubisoft PC games.

    Right, THAT's why you do it. I get ya...

    #49 Posted by atomic_dumpling (2513 posts) -

    I didn't know they clandestinely install browser plugins. Why does a DRM system need to do this? This takes "intrusive" to the next level.

    #50 Posted by Vexxan (4625 posts) -

    Good thing I don't use that piece of shit service.