• 51 results
  • 1
  • 2
#1 Edited by Dezztroy (787 posts) -

So some tech-savvy people have found that the browser plugins Uplay installs for you (without asking or telling you, mind you) have some Rootkit-like capabilities. Namely, it can execute any application on your computer without asking you, and then proceed to give those applications input. All of this from you simply visiting a link.
 
http://news.ycombinator.com/item?id=4311264
http://seclists.org/fulldisclosure/2012/Jul/375
The first link includes a proof-of-concept page which shows you how it can work, provided you have Uplay installed.
 
So yeah, if you've ever played any Ubisoft games on your PC, you probably want to disable the Uplay plugins and/or uninstall Uplay completely. Like, now.
 
They've forced all of their customers to install an extreme security risk just to play their games. But hey, atleast they kept their games from being pirated for a few days, right?

#2 Posted by PillClinton (3291 posts) -

This is why anti-piracy tactics by publishers are horrible, horrible things: they make everything worse and more difficult for the honest paying consumer. Meanwhile, pirates will ALWAYS manage to pirate the games. What a fucking pointless endeavor.

#3 Posted by Khann (2830 posts) -

fucking Ubisoft cunts

#4 Posted by MooseyMcMan (10894 posts) -

This makes me glad I only play Ubisoft games on consoles.

Moderator
#5 Posted by Gnubberen (765 posts) -

Not cool..

#6 Posted by perilator666 (439 posts) -

i started boycotting ubisoft years ago. thank fuck for that.

#7 Posted by zyn (2591 posts) -

I saw this on the Steam forums; yeah, not cool.

#8 Posted by joshthebear (2700 posts) -

This somehow does not surprise me.

#9 Posted by Brodehouse (9848 posts) -

Sounds like they couldn't make it launch programs properly and took a nuclear approach.

#10 Posted by Vodun (2370 posts) -

Gaaah, I just wish they'd publish shit games so I could avoid them...curses!

#11 Posted by Dagbiker (6964 posts) -

Ubisoft has always had subpar programming. Im just glad I never installed Anno, or any other Ubi game on my new computer.

#12 Posted by mak_wikus (515 posts) -

I wanted to uninstall Ubisoft Game Launcher, but it told me that doing so will result in removing ALL OF MY SAVEGAMES. Fuck, you, Ubisoft. Jesus.

#14 Posted by ErgoMeSmart (37 posts) -

Yeah, it seems there's no real need to panic and uninstall UPlay, losing all your saves. Just uninstall the browser plug-in and all should be fine.

It's a fuck up, but not as major as people thought at first.

#15 Posted by Mr_Skeleton (5141 posts) -

@Gizmo said:

That's why I only SkidROW my Ubisoft PC games.

You don't have to play them...

#16 Posted by Dezztroy (787 posts) -
@ErgoMeSmart said:

Yeah, it seems there's no real need to panic and uninstall UPlay, losing all your saves. Just uninstall the browser plug-in and all should be fine.

It's a fuck up, but not as major as people thought at first.

While it is easy to disable the plugins, it is definitely as major as people make it out to be.
#17 Posted by ZeForgotten (10397 posts) -

Ubisoft is not the only ones who makes stuff do this. 
Anyways, as others have said, easy to just disable it and move on with our lives. 
It's not like it downloaded porn to my PC or killed my dog.. yet. 

#18 Posted by Matfei90 (1288 posts) -

Hmm. I have Anno 2070 on my PC and just checked for the firefox plugins, and can't see them.

#19 Edited by TMThomsen (2071 posts) -

Now I kinda regret buying Assassin's Creed Revelation during the Steam sale :/

#20 Edited by BeachThunder (11829 posts) -

Well, thankfully, I have none of those games.

BTW, this is the list of games, if you don't want to click the link:

  • Assassin's Creed II
  • Assassin's Creed: Brotherhood
  • Assassin's Creed: Project Legacy
  • Assassin's Creed Revelations
  • Assassin's Creed III
  • Beowulf: The Game
  • Brothers in Arms: Furious 4
  • Call of Juarez: The Cartel
  • Driver: San Francisco
  • Heroes of Might and Magic VI
  • Just Dance 3
  • Prince of Persia: The Forgotten Sands
  • Pure Football
  • R.U.S.E.
  • Shaun White Skateboarding
  • Silent Hunter 5: Battle of the Atlantic
  • The Settlers 7: Paths to a Kingdom
  • Tom Clancy's H.A.W.X. 2
  • Tom Clancy's Ghost Recon: Future Soldier
  • Tom Clancy's Splinter Cell: Conviction
  • Your Shape: Fitness Evolved
  • #21 Posted by TaliciaDragonsong (8698 posts) -

    Ubifail.
     
    I never bought any Ubisoft product on pc since they started this nonsense.
    Vote with the wallet etc.

    #22 Posted by Aetheldod (3551 posts) -

    I only have farcry 2 and its not on the list and I couldn´t find an plug ins ..... fiuh.... Im never buying an ubisoft game again

    #23 Posted by AlexW00d (6235 posts) -

    I have Splinter Cell on here, but no uplay plugin. Suck it Ubisoft.

    #24 Posted by Deranged (1837 posts) -

    @MooseyMcMan said:

    This makes me glad I only play Ubisoft games on consoles.

    #25 Edited by Humanity (9050 posts) -

    Why are people saying Ubisoft are a bunch of cunts as opposed to the people who worked on a way to fuck with others through a loophole in programming?

    I'm sure Ubisoft wasn't sitting down in HQ rubbing their hands together thinking up of ways to fuck with their consumers. Their copy protection is somewhat unfortunate but this isn't really THEIR fault as much as you getting computer viruses through Windows isn't directly Bill Gates' fault. There are some malicious people who will look for ways to exploit any system and then make use of that knowledge to mess with innocent people - and they are the ones who are truly at fault.

    #26 Posted by Village_Guy (2544 posts) -

    Oh no how horrible... I don't really care, that doesn't seem directly offensive, and the poor security surrounding it makes it easy to disable, should you so desire.

    When I clicked this thread I expected something truly disgusting, but this left me pretty indifferent.

    #27 Posted by JamesG (55 posts) -

    @Matfei90 said:

    Hmm. I have Anno 2070 on my PC and just checked for the firefox plugins, and can't see them.

    You should see them here.

    #28 Edited by Laiv162560asse (487 posts) -
    @Humanity said:

    There are some malicious people who will look for ways to exploit any system and then make use of that knowledge to mess with innocent people...

    That is exactly why nobody really cares about them, because that malicious element will always exist no matter what anyone does. Raging at them is a waste of breath. However, companies who make their customers jump through needless hoops, and in doing so make their customers vulnerable to those 'malicious people', are not something that anybody has to put up with. And the act of deciding not to put up with it usually just takes the form of saying 'Fuck off, Ubisoft, never again'.
    #29 Posted by BaneFireLord (2920 posts) -

    Are there any publishers left that we shouldn't be boycotting for some reason or other?

    #30 Posted by Dagbiker (6964 posts) -
    @SoothsayerGB what if im using internet explorer
    #31 Edited by Fattony12000 (7283 posts) -
    DRM and malware free since 1985
    #32 Posted by yoshisaur (2701 posts) -

    The magnitude of this whole thing is flying over my head, anyone care to enlighten me on the subject of why it's catastrophic?

    #33 Posted by Dezztroy (787 posts) -
    @Village_Guy said:

    Oh no how horrible... I don't really care, that doesn't seem directly offensive, and the poor security surrounding it makes it easy to disable, should you so desire.

    When I clicked this thread I expected something truly disgusting, but this left me pretty indifferent.

    If a major publisher basically putting a backdoor for potential hackers on every single one of their customers' computers leaves you indifferent, I'm not sure what kind of news you were expecting.
    #34 Posted by Kidavenger (3530 posts) -

    I have chrome and I don't have that plugin installed, the only Ubisoft game I've ever played are The Settlers 7: Paths to a Kingdom (which had the uplay drm crap) and Castle Empire Online (which was browser based but not uplay).

    Seems like I should have this, I haven't played either game in almost a year, maybe the plugin is something recent.

    #35 Edited by Dezztroy (787 posts) -
    @Kidavenger said:

    I have chrome and I don't have that plugin installed, the only Ubisoft game I've ever played are The Settlers 7: Paths to a Kingdom (which had the uplay drm crap) and Castle Empire Online (which was browser based but not uplay).

    Seems like I should have this, I haven't played either game in almost a year, maybe the plugin is something recent.

    Run the "test exploit" to see if you have it or not. It might be something fairly recent as well, I've no idea.
     
    Edit: It seems they've now patched Uplay to adress this issue.
    #36 Posted by Ravenlight (8040 posts) -

    @Dagbiker said:

    @SoothsayerGB what if im using internet explorer

    Then you've got a whole different slew of infection vectors to worry about :P

    #37 Posted by Funkydupe (3311 posts) -

    Lets not use Uplay. It is a silly program.

    #38 Edited by DeadVillager (77 posts) -

    Well, Heroes VI was a disappointment and Splinter Cell: Conviction's co-op never worked for me, so I already had enough reasons to regret both of those purchases. Now I feel pretty comfortable never buying a product from them again, though.

    #39 Posted by buft (3315 posts) -

    @TMThomsen said:

    Now I kinda regret buying Assassin's Creed Revelation during the Steam sale :/

    ditto

    #40 Posted by BlackLagoon (1406 posts) -

    @Dezztroy said:

    So some tech-savvy people have found that the browser plugins Uplay installs for you (without asking or telling you, mind you) have some Rootkit-like capabilities. Namely, it can execute any application on your computer without asking you, and then proceed to give those applications input. All of this from you simply visiting a link.

    I think calling it a rootkit is a misnomer - what differentiates a rootkit from other malware is that it hooks deep into the operating system and alters self monitoring outputs to hide that the computer has been compromized. There's no evidence of any such "stealth" capability, just a sloppily made browser plugin with a big fat security hole.

    #41 Posted by cheapandtacky (128 posts) -

    @Dagbiker: settings menu> manage addons

    #42 Posted by iam3green (14390 posts) -

    wow that is horrible. i don't buy ubisoft games on pc as of DRM. a lot of companies like to put DRM in it.

    #43 Edited by MrKlorox (11209 posts) -

    Uh.... it's been fixed ya'll. Launch a Ubisoft game and the client will update itself with the fix.
     
    edit: Also I never had any Uplay plugin show up in Firefox, despite having a few UPlay games installed. The most recent being Driver San Francisco. I had to launch the game from steam to even get to UPLay.

    #44 Posted by Matfei90 (1288 posts) -
    @JamesG said:

    @Matfei90 said:

    Hmm. I have Anno 2070 on my PC and just checked for the firefox plugins, and can't see them.

    You should see them here.

    Yes, I know how to access my firefox plugins. And like I said, nothing uplay related shows up.
    #45 Posted by Demoskinos (14757 posts) -

    Only Ubi games I have are the Far Cry games both I think don't have the Uplay nonsense.

    #46 Posted by Hizang (8532 posts) -

    I miss days where you turn a console on, put in a game and it just goes.

    #47 Posted by AssInAss (2615 posts) -

    @Hizang said:

    I miss days where you turn a console on, put in a game and it just goes.

    You can still do that...

    This is about the PC.

    #48 Posted by LiquidPrince (15908 posts) -

    @Gizmo said:

    That's why I only SkidROW my Ubisoft PC games.

    Right, THAT's why you do it. I get ya...

    #49 Posted by atomic_dumpling (2469 posts) -

    I didn't know they clandestinely install browser plugins. Why does a DRM system need to do this? This takes "intrusive" to the next level.

    #50 Posted by Vexxan (4618 posts) -

    Good thing I don't use that piece of shit service.