World of Warcraft Screenshots Contain Your Account Info


Blizzard may be using account details hidden in screengrabs to hunt down pirates.

Taking a screenshot in World of Warcraft might do more than just show off your full armor set. Clever posters over at OwnedCore discovered data hidden inside their screenshots. In-game pictures contain your account ID, a timestamp, and the IP address of your server. The data is encrypted by a technique called steganography, which hides a secret watermark in each picture.

While actual account passwords are not revealed, it remains possible that hackers could somehow use this data to harass or compromise your account, especially now that this technique is in the open. Basically, when it comes to matters of account security, it's generally best not to disclose any more than you have to.

While Blizzard has yet to issue any official announcement on the discovery, the watermarking seems to be a way to root out private servers or other infringing activities. By reporting the server IPs, Blizzard could locate and shut down pirated games, especially if any users were silly enough to post screenshots on official forums.

This watermark can be found on screenshots going all the way back to 2008, around the time of the Activision-Blizzard merger.

Thankfully, the fix is pretty easy. Concerned players can either use high-quality screenshots (using the '/console SET screenshotQuality "10"' command), or use a third party screenshot utility to ensure their details don't inadvertently leak out.

Source: Rock Paper Shotgun

Couldn't you just use the "Printscreen" button[1] to get around this?

Because if you can then anyone stupid enough to get caught by this deserves the fate they get.

[1] or 'Shift+3' if you're playing on a Mac.[2]
[2] and whatever the Linux version of those two are I guess.

Shady practice is shady. Good thing I never shared any of my old screenshots.

Sneaky. Very sneaky :)

They could've encrypted the hidden text as well, though, so that it needed a key only Blizzard had to unlock. That way a discovered watermark would still only be gibberish to anyone else.

This watermark will leave you high and dry.

Wow, 2008, it's incredible that this info has been hidden for that long.
Impressive Blizzard, impressive.

Actually, if anyone had done ANY research into the information they would find that any of the information is useless outside Blizzard.

-It's an Account ID aka an alphanumeric code only used inside Blizzard and without the database linking a proper account name with their account ID it's useless.

-It's the SERVER IP not the PLAYER's IP. Someone trying to run a trace will find out it's only the server they're trying to harass.

I will repeat: There is NO information in that watermark that is useful to anyone outside Blizzard.

Knowledge is power and the people perpetuating this BS paranoia are clearly unarmed. Apparently Andy isn't the only one who can relink bad articles.

Aeshi:
Couldn't you just use the "Printscreen" button[1] to get around this?

Because if you can then anyone stupid enough to get caught by this deserves the fate they get.

Print screen is how you take screenshots in WoW, then the game automatically saves what you took to the WoW folder. Also up until now nobody knew about this so they had no reason to be afraid of letting the game auto save the picture. It's had that function since its release in 2004 and according to the group that found this the watermarks don't show up on any screenshots prior to Blizzard's merger with Activision in 2008. (Apply tinfoil hat if you so feel like.) As it stands, anyone who's posted a screenshot since 2008 to the internet was caught by this, so it's rather callous to say they deserve whatever happens when they had no idea of a security threat in the first place.

[1] or 'Shift+3' if you're playing on a Mac.[2]
[2] and whatever the Linux version of those two are I guess.

LordLundar:
Actually, if anyone had done ANY research into the information they would find that any of the information is useless outside Blizzard.

-It's an Account ID aka an alphanumeric code only used inside Blizzard and without the database linking a proper account name with their account ID it's useless.

-It's the SERVER IP not the PLAYER's IP. Someone trying to run a trace will find out it's only the server they're trying to harass.

I will repeat: There is NO information in that watermark that is useful to anyone outside Blizzard.

Knowledge is power and the people perpetuating this BS paranoia are clearly unarmed. Apparently Andy isn't the only one who can relink bad articles.

Dunno if this is legit but you sound convincing so guess nothing to worry about :P. Never shared my screenshots anyways

Aeshi:
and whatever the Linux version of those two are I guess.

That's also the print screen button, just like on Windows.
OT: well....gentlemen, it's time to get your tinfoil hats out.

KeyMaster45:

Print screen is how you take screenshots in WoW, then the game automatically saves what you took to the WoW folder. Also up until now nobody knew about this so they had no reason to be afraid of letting the game auto save the picture. It's had that function since its release in 2004 and according to the group that found this the watermarks don't show up on any screenshots prior to Blizzard's merger with Activision in 2008. (Apply tinfoil hat if you so feel like.) As it stands, anyone who's posted a screenshot since 2008 to the internet was caught by this, so it's rather callous to say they deserve whatever happens when they had no idea of a security threat in the first place.

Are you sure? Because on my copy of the game "Take Screenshot" is bound to my Home key, and I can still take pictures with Printscreen and then pasting the result into Paint.

Perhaps that does justify it a tiny bit, but you'd still have to be pretty stupid to get caught out by that when you've found a workaround for literally everything else. (and of course they had no idea there was a Security Threat, that's what makes it a "Security THREAT" and not a "Security mild inconvenience")

Think logically for a second. Blizzard is actively trying to get people to be more secure with their accounts. They really get nothing but a headache if your account gets hacked. If they were to release your account name, or any information that could be used to steal your account, they'd just make things harder on themselves.

The server IP is exactly what LordLundar said. They're not going to somehow trace your IP based on the watermark. The User ID is the unique identifier for each account in the database, or each set of entries. If they had access to Blizzard's database, they COULD technically match it up and find your account name, but your password will still be stored as encrypted data.

DugMachine:

LordLundar:
Actually, if anyone had done ANY research into the information they would find that any of the information is useless outside Blizzard.

-It's an Account ID aka an alphanumeric code only used inside Blizzard and without the database linking a proper account name with their account ID it's useless.

-It's the SERVER IP not the PLAYER's IP. Someone trying to run a trace will find out it's only the server they're trying to harass.

I will repeat: There is NO information in that watermark that is useful to anyone outside Blizzard.

Knowledge is power and the people perpetuating this BS paranoia are clearly unarmed. Apparently Andy isn't the only one who can relink bad articles.

Dunno if this is legit but you sound convincing so guess nothing to worry about :P. Never shared my screenshots anyways

It was on reddit, but I wasn't really going to comment on anything since it was harder than it seemed to replicate the Watermark for a regular player. That led to the idea that the whole thing might have been made up by Ownedcore.

Either way, as far as I can tell, Blizzard has no use for showing the player's IP if they have access to a way to code in the Account ID. There is no reason for them to code in information that says more than identification. Blizzard already has your IP and your password (and probably your credit card info).

Well, it's a good thing I always took my pictures with Xfire and even if I'd still play the game, I'd use Steam; I never take pictures from inside the game, I always use a third party software for my pictures.

Blizzard is doing this to help us, right? I feel like a lioness when the male has eaten her cubs. I don't know where we stand anymore, and they aren't having any of my zebra tonight, that's for fucking sure.

Pretty sophisticated technology for 2007. Still don't know about what the data actually contains.

LordLundar:
Actually, if anyone had done ANY research into the information they would find that any of the information is useless outside Blizzard.

-It's an Account ID aka an alphanumeric code only used inside Blizzard and without the database linking a proper account name with their account ID it's useless.

-It's the SERVER IP not the PLAYER's IP. Someone trying to run a trace will find out it's only the server they're trying to harass.

I will repeat: There is NO information in that watermark that is useful to anyone outside Blizzard.

Knowledge is power and the people perpetuating this BS paranoia are clearly unarmed. Apparently Andy isn't the only one who can relink bad articles.

So, when you say if "anyone had done ANY research into the information", you'd hoped that the author of this post would have reported that "It's the Account ID" and the "SERVER IP." So, basically, precisely what he wrote in the article.

IanDavis:

In-game pictures contain your account ID, a timestamp, and the IP address of your server.

I'm very confused as to what grounds you attack both Ian and Andy.

Mike Kayatta:

LordLundar:
Actually, if anyone had done ANY research into the information they would find that any of the information is useless outside Blizzard.

-It's an Account ID aka an alphanumeric code only used inside Blizzard and without the database linking a proper account name with their account ID it's useless.

-It's the SERVER IP not the PLAYER's IP. Someone trying to run a trace will find out it's only the server they're trying to harass.

I will repeat: There is NO information in that watermark that is useful to anyone outside Blizzard.

Knowledge is power and the people perpetuating this BS paranoia are clearly unarmed. Apparently Andy isn't the only one who can relink bad articles.

So, when you say if "anyone had done ANY research into the information", you'd hoped that the author of this post would have reported that "It's the Account ID" and the "SERVER IP." So, basically, precisely what he wrote in the article.

IanDavis:

In-game pictures contain your account ID, a timestamp, and the IP address of your server.

I'm very confused as to what grounds you attack both Ian and Andy.

Considering all news articles are dictated by tone of writing, I can see him having beef with a written piece that says, out of the blue: "While actual account passwords are not revealed, it remains possible that hackers could somehow use this data to harass or compromise your account, especially now that this technique is in the open".

You can use this data inasmuch as I can use random e-mail scams targeted at the WoW demographic via just sending said e-mails to random people in hopes one of them is silly enough to type things into places they shouldn't. The information provided in these screenshots is useless, and creating unnecessary paranoia is, well, unnecessary.

The mis-quote wasn't necessary, however. The particular piece of information in what these screenshots contain was reported correctly.

Maybe explain what "server IP" means for simplicity's sake, but honestly the rest is, in my humble opinion, written tone.

Aeshi:

KeyMaster45:

Print screen is how you take screenshots in WoW, then the game automatically saves what you took to the WoW folder. Also up until now nobody knew about this so they had no reason to be afraid of letting the game auto save the picture. It's had that function since its release in 2004 and according to the group that found this the watermarks don't show up on any screenshots prior to Blizzard's merger with Activision in 2008. (Apply tinfoil hat if you so feel like.) As it stands, anyone who's posted a screenshot since 2008 to the internet was caught by this, so it's rather callous to say they deserve whatever happens when they had no idea of a security threat in the first place.

Are you sure? Because on my copy of the game "Take Screenshot" is bound to my Home key, and I can still take pictures with Printscreen and then pasting the result into Paint.

Perhaps that does justify it a tiny bit, but you'd still have to be pretty stupid to get caught out by that when you've found a workaround for literally everything else. (and of course they had no idea there was a Security Threat, that's what makes it a "Security THREAT" and not a "Security mild inconvenience")

Print screen is what's always done the trick for me, then again it never occurred to me that they would also bind that function to the home key. I'm not saying that there aren't options to work around this problem, just that since this is something that affects people's posted screenshots going all the way back to 2008 that unless they've kept a detailed account of where they've uploaded/posted/linked them you can't really say they deserve negative consequences. (Then again I don't think anyone actually deserves to have their personal accounts compromised, especially to threats they had no prior awareness of.) Even now that it's out in the open there will remain people who never hear about this and continue on their merry way.

Those of us who are actively concerned about our online security will patch this little leak in our defense and then turn our attention to why the crap was this deliberately put there in the first place. Though the sad fact is a vast, vast majority of people are complacent or simply naive about their online security. The Blizzard CS forums are testament to that with the multitude of people whose accounts are hacked and have no idea how it could have happened. Lord knows Blizzard has tried to idiot-proof their system (though this incident does raise questions about wtf they were thinking with this watermark) and yet accounts are still compromised. What may seem like common sense security measures to you or me is something that someone else would have never dreamed they'd need to watch out for. Unfortunately most people don't become concerned about their security until after they've been hit with the consequences, and even then there will be steps they could take which they will either not know of or understand how to carry out.

The solution to this particular problem may be simple, but I don't agree that anyone who is affected negatively deserves those consequences. Especially because they'd be the direct result of Blizzard plastering just enough info so the account hackers can get their foot in the door.

When they say "server IP" I think they mean which server you are connected to in order to play WoW, rather than your personal IP. Because the way I see it, they're wanting to see if the IP address is one of their own servers, and if it isn't, they've found out the IP of the server that's illegally hosting the game so they can stamp it out.

LordLundar:
Actually, if anyone had done ANY research into the information they would find that any of the information is useless outside Blizzard.

-It's an Account ID aka an alphanumeric code only used inside Blizzard and without the database linking a proper account name with their account ID it's useless.

-It's the SERVER IP not the PLAYER's IP. Someone trying to run a trace will find out it's only the server they're trying to harass.

I will repeat: There is NO information in that watermark that is useful to anyone outside Blizzard.

Knowledge is power and the people perpetuating this BS paranoia are clearly unarmed. Apparently Andy isn't the only one who can relink bad articles.

...I actually ASSUMED the Screenshots contained a measure like this...

And yeah, verified this on MMO champion. Escapist I am disappoint at scaremongering.
If hackers can hack me with that, then... they deserve my account.

IanDavis:
While actual account passwords are not revealed, it remains possible that hackers could somehow use this data to harass or compromise your account, especially now that this technique is in the open. Basically, when it comes to matters of account security, it's generally best not to disclose any more than you have to.

...Thankfully, the fix is pretty easy. Concerned players can either use high-quality screenshots (using the '/console SET screenshotQuality "10"' command), or use a third party screenshot utility to ensure their details don't inadvertently leak out.

Nope.

Your account ID is useless to anyone outside of Blizzard. The server IP says nothing about you individually. A "hacker" can probably get better information from the content of a screenshot; character/guild name, chat logs, appearance, etc. Posting a screenshot at all is "dangerous" in that respect, the details in the watermark are not.

You imply that a "fix" is necessary. There is nothing to be concerned about. There are no dangerous details inadvertently leaking out.

Sensationalist post is sensationalist.

KeyMaster45:

Though the sad fact is a vast, vast majority of people are complacent or simply naive about their online security.

Well we're not talking about the "vast, vast majority of people", we're talking about Hackers, Pirates, people who run private servers and other people who essentially bypass security as a hobby. People who really, really should know better than to blindly assume "oh well there's no way THIS piece of code could contain any security measures, and I'm so sure I'm not going to bother checking because I'm too busy being right."

The title of this article is so misleading. It looks unnecessarily sensationalist.

It's a trend I've noticed a few times on this site. To have a very aggressive title saying THIS IS HAPPENING, only to read the article saying "ok that's not actually true, but I did get you to click this link right? LOL".

guys, this is total crap even if it's true which frankly i doubt
it's supposedly hidden in the jpeg compression data
so save your files as bitmaps, or tga and said data is gone.
also save any jpeg with compression and sharpening up 99% and you'll see odd artifacts, banding blocking and blurring such as :

http://shutha.org/node/829

jpeg just has crappy algorithms

until someone comes up with a program that can read jpeg artifacts and get out data that isn't nonsense it's pure tinfoil hat

Why disable the hacked compression data when altering the quality of the jpeg file output?
Why not create .bmp .tga etc. encoding programs?

it makes no logical sense to attempt to spy on activities when you're only seeing certain screenshot settings

Aeshi:

KeyMaster45:

Though the sad fact is a vast, vast majority of people are complacent or simply naive about their online security.

Well we're not talking about the "vast, vast majority of people", we're talking about Hackers, Pirates, people who run private servers and other people who essentially bypass security as a hobby. People who really, really should know better than to blindly assume "oh well there's no way THIS piece of code could contain any security measures, and I'm so sure I'm not going to bother checking because I'm too busy being right."

Because only bad people have bad stuff happen to them on the internet, right?

I'm not concerned about them, they know what they're doing and hopefully they're aware of the risks. I'm more concerned about the effects this will have on people who aren't in the group of miscreants you rattled off.

Being uninformed about something that puts your digital security at risk and not knowing you should be seeking out the information to protect yourself does not mean you deserve to be whammied by some prick hacker looking to prey on your naivety. That's what I take issue with from your original post and now your imagined thought process of someone who really doesn't know what they're doing. They don't deserve the negative consequences that come from a company like Blizzard hiding their info in such a way that only the people who wouldn't fall prey to an exploit from it could find it. What did they do that was so wrong other than taking a screenshot and posting it to the web? There's a reasonable expectation there that such a frequent and accepted practice in the gaming community won't result in someone being given the tools to hijack their account.

Mike Kayatta:

LordLundar:
Actually, if anyone had done ANY research into the information they would find that any of the information is useless outside Blizzard.

-It's an Account ID aka an alphanumeric code only used inside Blizzard and without the database linking a proper account name with their account ID it's useless.

-It's the SERVER IP not the PLAYER's IP. Someone trying to run a trace will find out it's only the server they're trying to harass.

I will repeat: There is NO information in that watermark that is useful to anyone outside Blizzard.

Knowledge is power and the people perpetuating this BS paranoia are clearly unarmed. Apparently Andy isn't the only one who can relink bad articles.

So, when you say if "anyone had done ANY research into the information", you'd hoped that the author of this post would have reported that "It's the Account ID" and the "SERVER IP." So, basically, precisely what he wrote in the article.

IanDavis:

In-game pictures contain your account ID, a timestamp, and the IP address of your server.

I'm very confused as to what grounds you attack both Ian and Andy.

I would assume it has somethin to do with the fact that, despite havin apparently done his research and knowin exactly what is supposedly in the screenshots, he uses this line.

While actual account passwords are not revealed, it remains possible that hackers could somehow use this data to harass or compromise your account

Which, if he actually had done the research, would be the stretchiest overreach ever. There is absolutely no way short of gettin a full list from Blizzard's computers of every account number, then another list that ties those account numbers to the actual accounts (since they are literally an arbitrary number attached to an account that is in no way, shape or form actually visible to anyone outside of Blizzard).

The amount of work needed to even harass a player through this would not remotely be worth it. You'd be able to harass or even attempt to steal an account by simply analyzin the actual contents of the screenshot itself.

KeyMaster45:

Aeshi:

KeyMaster45:

Print screen is how you take screenshots in WoW, then the game automatically saves what you took to the WoW folder. Also up until now nobody knew about this so they had no reason to be afraid of letting the game auto save the picture. It's had that function since its release in 2004 and according to the group that found this the watermarks don't show up on any screenshots prior to Blizzard's merger with Activision in 2008. (Apply tinfoil hat if you so feel like.) As it stands, anyone who's posted a screenshot since 2008 to the internet was caught by this, so it's rather callous to say they deserve whatever happens when they had no idea of a security threat in the first place.

Are you sure? Because on my copy of the game "Take Screenshot" is bound to my Home key, and I can still take pictures with Printscreen and then pasting the result into Paint.

Perhaps that does justify it a tiny bit, but you'd still have to be pretty stupid to get caught out by that when you've found a workaround for literally everything else. (and of course they had no idea there was a Security Threat, that's what makes it a "Security THREAT" and not a "Security mild inconvenience")

Print screen is what's always done the trick for me, then again it never occurred to me that they would also bind that function to the home key. I'm not saying that there aren't options to work around this problem, just that since this is something that affects people's posted screenshots going all the way back to 2008 that unless they've kept a detailed account of where they've uploaded/posted/linked them you can't really say they deserve negative consequences. (Then again I don't think anyone actually deserves to have their personal accounts compromised, especially to threats they had no prior awareness of.) Even now that it's out in the open there will remain people who never hear about this and continue on their merry way.

Those of us who are actively concerned about our online security will patch this little leak in our defense and then turn our attention to why the crap was this deliberately put there in the first place. Though the sad fact is a vast, vast majority of people are complacent or simply naive about their online security. The Blizzard CS forums are testament to that with the multitude of people whose accounts are hacked and have no idea how it could have happened. Lord knows Blizzard has tried to idiot-proof their system (though this incident does raise questions about wtf they were thinking with this watermark) and yet accounts are still compromised. What may seem like common sense security measures to you or me is something that someone else would have never dreamed they'd need to watch out for. Unfortunately most people don't become concerned about their security until after they've been hit with the consequences, and even then there will be steps they could take which they will either not know of or understand how to carry out.

The solution to this particular problem may be simple, but I don't agree that anyone who is affected negatively deserves those consequences. Especially because they'd be the direct result of Blizzard plastering just enough info so the account hackers can get their foot in the door.

Again. There is literally no feasible way for anyone to compromise an account with the information in the screenshot. Literally. None. Anyone outside of Blizzard would get an arbitrary number and an IP address to a Blizzard server. End. Of. Story.

What exactly do you think someone can do with an arbitrary number and an IP address to a Blizzard server?

Fappy:
Shady practice is shady. Good thing I never shared any of my old screenshots.

Yeah. This seems borderline illegal. Is it really ok for Blizzard to be using this method? Could it open for lawsuits against them for something or another?

I don't dispute Blizzard's right to try to stop pirate servers I guess, well not for this discussion, but they could inadvertently be responsible for people's personal information leaking out.

And it also begs the question, how normal is this? Are other companies using similar methods? And who? Paranoia ensues.

Gotta hand it to Blizzard. Their fans should be even more pissed off at them right now than they already are, but the audience is jumping to their defense. That's a dedicated WoW player for ya - Blizzard can do no wrong.

To be honest, The Escapist needs to fool-proof read through their articles. Because the majority will read this as "Blizzard attaches all your account info that can be used by hackers in your screenshots" even if you've written "no passwords are attached, only server IP". The title is misleading, and the wording has obviously convinced enough people here that there's reason to worry when there's really not. You know that's gonna happen, so why not try to cater to the crowd that takes the title as proof, and actually write it in a way so that it is 100% clear that it is not a case to worry about.

Apparently, people are already working on decoders, and it is verified to not be JPEG compression. And while hackers would prolly just go datamining, it does pose the potential issue of linking a character with their general Blizzard account, which could accommodate harassment between users.
And the most damning thing about this is that use of such technology was never spoken of in the Terms of Service nor the User Agreement. And that just doesn't feel right to me.

There's really no skin off my back since I'm abstaining from MMO gameplay in general, but it's still very interesting.

I've always thrown my screenshots in some kind of program for cropping purposes and whatnot.
Pretty sure I'm okay.

I've always hated people's raw screenshots. Most are either too big, or hilariously shrunk from their imagehost. Either way it's inconvenient.
If I want to show an armor set, I crop a picture so it's just me. With my armor. Not a 4000x4000 screenshot of everything else.

The Lugz:
guys, this is total crap even if it's true which frankly i doubt

until someone comes up with a program that can read jpeg artifacts and get out data that isn't nonsense it's pure tinfoil hat

...

Go to the original article. He wrote a program that reads the jpeg artifacts and spits out your account ID, the realm IP, and a timestamp /before/ they released this info. You can run it yourself.

One thing you can do with this info is tie alts together.

Two chars with same account ID -> alts. And if you know anything about one of the alts...
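
An added example, not part of the original thread and not Blizzard's or OwnedCore's code, for the point above that a shared account ID ties alts together and for the earlier suggestion that the hidden text could have been encrypted under a key only Blizzard held. It shows that a watermark sealed with a fresh nonce per screenshot stays readable to the key holder without linking two screenshots, while a reused nonce still links them. The 12-byte field layout, the key and the sample values are constructed assumptions, and the HMAC-based cipher is a standard-library stand-in for a vetted AEAD.

```python
import hashlib
import hmac
import ipaddress
import os
import struct

# Constructed layout for illustration; the thread does not give the real format:
# 4-byte account ID, 4-byte Unix timestamp, 4-byte IPv4 address of the server.
LAYOUT = struct.Struct(">II4s")
NONCE_LEN, TAG_LEN = 12, 16


def pack_payload(account_id, timestamp, server_ip):
    return LAYOUT.pack(account_id, timestamp, ipaddress.IPv4Address(server_ip).packed)


def unpack_payload(blob):
    account_id, timestamp, ip = LAYOUT.unpack(blob)
    return account_id, timestamp, str(ipaddress.IPv4Address(ip))


def _subkey(key, label):
    # Separate encryption and MAC keys derived from the operator's secret.
    return hmac.new(key, label, hashlib.sha256).digest()


def _keystream(key, nonce, length):
    # HMAC-SHA256 as a PRF in counter mode: a standard-library stand-in for a
    # vetted AEAD such as AES-GCM, which a real deployment would use.
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(key, nonce + struct.pack(">I", counter), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def _xor(data, stream):
    return bytes(a ^ b for a, b in zip(data, stream))


def seal(key, payload, nonce=None):
    """Encrypt-then-MAC. Returns nonce || ciphertext || tag."""
    nonce = os.urandom(NONCE_LEN) if nonce is None else nonce
    ct = _xor(payload, _keystream(_subkey(key, b"enc"), nonce, len(payload)))
    tag = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()[:TAG_LEN]
    return nonce + ct + tag


def open_sealed(key, blob):
    """Key holder only: verify the tag first, then decrypt."""
    if len(blob) < NONCE_LEN + TAG_LEN:
        raise ValueError("watermark too short")
    nonce, ct, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    good = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()[:TAG_LEN]
    if not hmac.compare_digest(tag, good):
        raise ValueError("watermark failed authentication")
    return _xor(ct, _keystream(_subkey(key, b"enc"), nonce, len(ct)))


def same_account(mark_a, mark_b, offset):
    """All an outsider can do: compare the 4 bytes where the account ID sits."""
    return mark_a[offset:offset + 4] == mark_b[offset:offset + 4]


def demo():
    key = b"constructed-operator-secret"  # sample key, not a real value
    # Two screenshots from alts on one (constructed) account, a day apart.
    shot_a = pack_payload(48151623, 1347000000, "203.0.113.10")
    shot_b = pack_payload(48151623, 1347086400, "203.0.113.10")
    fixed = bytes(NONCE_LEN)  # misuse: the same nonce for every screenshot
    return {
        "plain": same_account(shot_a, shot_b, 0),
        "fixed_nonce": same_account(seal(key, shot_a, fixed), seal(key, shot_b, fixed), NONCE_LEN),
        "random_nonce": same_account(seal(key, shot_a), seal(key, shot_b), NONCE_LEN),
        "recovered": unpack_payload(open_sealed(key, seal(key, shot_a))),
    }


if __name__ == "__main__":
    print(demo())
```
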

The Lugz:
guys, this is total crap even if it's true which frankly i doubt

Whatever reasons they had for doing it the way they did, it's still undeniable that the watermarks are there. I haven't played the game in some time, but I found some old screenshots and sharpened them up to see if anything would happen.

Those vertical strips in the white fields look like encrypted data to me.
