Blizzard adding almost invisible watermarks on screenshots

[Pannekaker]

It's not like it reveals your name, password and IP. I mean, yeah, the hackers can link your alts together if they have access to screenies of your alt, but that's about it. :P

[Sierra85]

i feel violated.

not cool blizz. Not cool at all.

[Darsithis]

As I said in another thread, disappointing that no "official" news source picked that Blizzard tags screenshots.

Yes, the initial whistleblower was a malicious website, and yes the majority of those offended are cheaters, but it's legit news item for Blizzard users.

Slashdot picked it up and confirmed it more or less

Activision Blizzard Secretly Watermarking World of Warcraft Users

Probably because it's of no real importance. No account info that is useful is stored, and the server IP? Those are publicly listed anyway.

[Deleted]

i actually even surprised someone went to all that effort to find the watermark. not really a big issue for me, as long as it contains no personal data, if its just account id/server related stuff, i dont care.

[Deleted]

Probably because it's of no real importance. No account info that is useful is stored, and the server IP? Those are publicly listed anyway.

I wonder why Slashdot finds it newsworthy and "official news sources" don't.

[Darsithis]

I wonder why Slashdot finds it newsworthy and "official news sources" don't.

*shrugs* slow news day, maybe?

[Deleted]

wonder if there is anything in the ToS about this?

[markdall]

I wonder why Slashdot finds it newsworthy and "official news sources" don't.

Because Slashdot's motto is, "News for Nerds" (No, it really is) and this kind of thing is relevant to us nerds, or at least interesting.

[Nerraw]

I wonder why Slashdot finds it newsworthy and "official news sources" don't.

Hate against Blizzard, unfounded or not, seems to be the easy way to gain public recognition these days.

[RoKPaNda]

I've been thinking about this off and on since yesterday, and even with my current hate-on for Blizzard, I can't see how this is a big deal. If there was any personal information it could be a big deal, but there is none. Account names are useless now and are a pretty harmless way for Blizzard to identify users, if it was BattleNet logins it would maybe be worth discussing/fretting over slightly. Mostly because that would just be another way for spammers to get the addresses of players. What time the screenshot was taken isn't sensitive information either. Server IP addresses are available publicly, this only comes into play when the server you're playing on isn't Blizzard's.

Plus the slashdot article has one of the most ridiculous lines ever in it: "For four years now, we have all been publicly sharing our account and realm information for hackers to decode and exploit."

Again, there isn't really any way to exploit that. It doesn't give contact details or anything, it doesn't expose logins, passwords, secret questions, anything like that. A "hacker" could match the server IP to your server and come pester you with a level 1 alt or something, but that's really about it. Harmless.

[Yunru]

Well i have tested this thing is some other mmo. And it has watermark too! (older mmo)

[Tharkkun]

Since Blizzard researches known hacks on forums this would be another tool for catching people. Hey guys, I have a new hack I designed and here's what it does in my screenshot. Blizzard finds this and watches the account with tools we aren't privileged to see. Blizzard figures out how they are doing it and adds the detection to warden and plays whack a mole with all the idiots exploiting the game.

The authors are probably smart enough not to post images but you can't say the same for all the idiots using them.

You'd also use this to ban users who violated the NDA and posted screenshots in Beta.

[Deleted]

Guys, I beg you to not be so narrow-minded.
Blizzard has the power to detect bots and exploits without the slight chance of some botter uploading a screenshot on some shady forum.


The information contained in every ss you take consists of:
-Account ID
-Timestamp
-IP address of current realm

What does this information give to an average person? Apart from the time the ss was taken, nothing.


There are now 2 questions rising:

1) Why did Blizzard implement this technology?
The more likely reason would be to get some authenticity on screenshots used as evidence, either when someone is reporting a botter/exploiter, or reporting a bug through the forums.
One less likely reason would be to track down private servers, but I do believe they do not care much about private servers as long as they stay unpopular. Which in turn defeats the purpose of tracking them if they are popular.
There are more reasons to use the watermarks. One can only imagine the possibilities...

2) How can one experienced programmer benefit from this information?
Again, the possibilities are endless. The main thing that everyone is pointing out is that screenshots do not have your battle.net account and password encrypted in them. I want to stress on it- there are no battle.net account names and passwords in the ss's. That means that they have your Account name, your ingame moments and a precise timestamp of those moments, while not having to deal with gaining account access. This is a huge security breach. Let's say they have gotten a program downloaded and installed on your computer through illegal ways (which is in fact a really easy thing to do). All the program does is upload the whole ss folder to their servers. An everyday anti-spyware software would not detect it, (as it is not a common spy/keylogger program) unless specifically told so. Now they have information for every character, their realms, what they were doing, at what time were they doing it and, most importantly, your account name. You will now say that there is nothing valuable in this information, but you are wrong. Information is worth $. One can use these account names, character names, timestamps to create a targeted scam project. Imagine what a non-cautious person would do if he recieved an e-mail from blizzard-like sender which states the exact time, place, realm, account name, character name and that his account was flagged as a botter. To unflag it he would have to provide, lets say, his wow key. You got the idea.
This is just one possible scenario. Do not let me get started on programmers actually managing to encode information in the ss's themselves. It might create a certain disturbance if Blizzard still uses this technology.

Every single shred of information can be used against us. This is why we entrust Blizzard with our account security.
I personally would like a direct explanation on this topic from Blizzard. It is one thing to gather gameplay, time, hardware information (as described in the ToS), but it is a whole lot of a different story when they let such a hole in our account security given to the responsibility of us, players, without our knowledge. This unencrypted watermarking mechanism fails to protect our privacy, not from Blizzard employees (they already know everything about our computer systems), but from malicious hackers looking for something or someone to take advantage of.

[Kujako]

If people think this somehow violates their privacy, they'll throw a hissy fit when the find out about the armory.

[aekya]

I agree, if it's a privacy battle it feels like it would by Pyrrhic at best to "win" it.

On the privacy battlefield, nothing is a pyrrhic victory, fight everything tbh!

Anyway, why care? dont take screenshots if it concerns ya that much

[Deleted]

I don't understand how this would catch people breaking the ToS?

If Blizzard thinks that you are having suspicious activity going on your account they can forward screenshots from your client.
These screenshots are also used as part of documentation for a ban.
Example could be mouse cursor placement in D3 while a bot runs and fires shift shots in the opposite direction of the cursor.

As for your own screenshots containing a watermark... who cares.. Server IP, Time and the a user account string that doesn't even contain your password.
Unless your going to have something shady going on there is no need to be frightened.

Sorry for google necroing this up

[Deepsidedj]

Rofl people that are concerned about their online privacy always cracks me up.

[This name sucks]

Necro.

[Tziva]

Necro.

Not really a time sensitive thread, leaving it open.