I just want to ask a question and hopefully have some light shed on some things. First off, from what i understand about this new file format...it is supposed to make it easier for wow to search and retrieve needed files and what not for easier patching updating and blah blah blah. I know nothing what this WARDEN thing is either. But my question is..Is the new file format going to give blizz the ability to search your computer in a sense for anything that could "compromise" the integrity of the game aka bot programs? I just feel like this new file format is just a way for them to gain more access to your computer systems files. Please correct me if im wrong or misguided. I guess my concern primarily is will blizz be able to detect the program because it is on the same storage device? I saw a post about some addons could possibly get you banned also, being a 3rd party program. Smart people please learn me I know tensions are high so lets keep the brutality against me to a minimum please haha. no seriously any advice or knowledge would help me better understand would greatly be appreciated.
I don't think blizz will risk having warden search running processes and directories again after the big fiasco they had before. That said, a new file format does not mean anything....I can create my own file format and it doesnt have any added functionality. The real role I can see for this is to actually cut down hard disk reads by making a database of sorts of the directories and wow files for future patches so the update doesn't have to search every time. That said, everything I'm saying is pure speculation and none of us will know until one reverses the structure to see what in fact its doing. As far as warden is concerned....when an update comes HB will activate tripwire and they'll look into it, as of right now I can't say warden functionality changed to try to detect HB, but an update can come at any moment, the only way youll know is if you keep track of warden consistently or wait for something like tripwire to fire off. Tl; dr I don't believe there's anything to worry about concerning a new file format.
Thanks for the knowledge, Unfortunately when i try and search about these topics i only find bits and pieces here and there and most of the time it isnt supportive of our HB community if you get my drift, so i end up with one sided information.
That's pretty much what you get on these forums...One sided information. Blizz already had the ability to scan within running processes while the game is running, it says so right in the ToS. Do they use that ability? Maybe... It should be stated that that practice is illegal in many countries, so even if they do scan for processes, they can't really do anything with that information legally. Take that as you will, but also keep in mind that blizzard doesn't make changes specifically to catch botters (that could always change at the blink of an eye though). They make changes to improve their service, uptime and their ability to maintain their systems more efficiently.
Can txt file scan you computer? No? So CASC also can´t CASC is there because MPQ files that were used since vanila WoW are pretty ineffective in allocating disc space. If they want update some thing, they must include it in new MPQ and load it after first MPQ, so you will end up with file size*number of revisions. Files like DBC files are updated in every patch so now you have about 17 copies of some files. See? Pretty bad disk space management Another reason is to make it harder to modify game files. Until this day, there is no way how to write in CASC file system
There are definitely people out there who know how to decompile the CASC files. It'd be ignorant to assume that there wasnt someone. But just because a text file cant scan your files doesnt mean something with a different format couldnt do that. When you make your own file formats, you define how whatever is opening and reading that file is read/executed. For all we know there could be a flag in the header of the file that states if a value is one thing then the file is a DB/Text File/Game file, but if the value isnt that then its an executable and meant to scan your system. That said, it'd be quite farfetch'd for that to be the case, and awfully ingenious for a simple game of catch the botters....most of their playerbase does that for them. I wouldnt worry about a change in file format....its when you start hearing about processes being read, or a new file being injected into a/all running process(s) that you've really got to worry. I doubt we will see that again any time soon, its a very grey line and a judge could lean either way in a case where they're reading/injecting....its technically hacking, but also arguable that its a necessary evil to protect their investment(ie: WoW/Diablo)
cmon you can´t be serious.... there is big difference between file and file system.... File can scan you computer, because it can be just .exe file, but CASC is filesystem - how data are stored, doesn´t matter what kind of data. Also Yes we know how to read CASC (whole WoD is datamined) but only Blizz have ability to write in CASC.
A file system can do whatever the developer wants it to do. If you develop your own file system to read a value in the PE header upon execution in order to determine if its to be run as an executable or to be opened with another software like notepad. Just because its not usually that complex doesn't mean its not possible nor should you be so quick to say its not. In this circumstance it isn't practical...in a malicious one this is very viable. And if you know how to decompile and read the data in the casc files...you sure as heck can write them too....you don't reverse engineer something into code you cant read or write. Regardless, the question was could it POSSIBLY be used for this intent, and the answer is yes its possible but extremely unlikely.
i may be missing something.... but why the hell would they need a file system that scans your file system? wouldn't it be easyer to implement a logger serverside and just look for some repeated patterns?
Not necessarily....that's kind of what we assume is happening now, but it would give you more of a definitive answer as there are legit players who do repetitive things just the same as bots. They did this once before. However the backlash proved to be much more than they assumed it would be and stopped...they do reserve the right to do so in their TOS still. However, I highly doubt they'd choose to do it again...any nonmalicious rootkit code could be used to hide the bot from wow, and not many people will be too accepting with the amount of privacy violations going on around in the real world right now...at least stateside that is.
CASC files can be readed. Google CASCExplorer by TOM_RUS or CASCView by Ladik001 (creator of MPQEdit). These two ppl know what they are doing, but there is still not publicly know way how to write in CASC. And CASC is about storing data, yes, they can store .exe file in it and run it on your computer, but it is file in CASC not CASC itself. Also you can find full analysis of CASC file system done by OC member "caali"