3659 réponses à ce sujet

[dmex]

Forbidden wrote...

I will not allow Origin onto my machine.  Stating that it isn't spyware doesn't make it so.  It searches your disk and uploads personal information.  That is spyware.  I was looking forward to ME3 after playing the two previous, but I will not purchase ME3 or any future bioware games that require Origin.  There are plenty of other games out there that aren't security risks.  It's a shame that bioware has chosen the anti-customer the route of Ubisoft.  You used to be a good company.

Origin does nothing of the sort, I answered and provided proof it does no such thing here just yesterday: forum.ea.com/eaforum/posts/list/300/7488935.page#19555964

For those that are still unconvined, I'm working on an Open-Source verion of Origin: 
http://openorigin.sourceforge.net/ 

dmex
Researcher, EA Security Risk Management Team

Modifié par dmex, 20 janvier 2012 - 02:48 .

[kofelover]

dmex wrote...

Forbidden wrote...

I will not allow Origin onto my machine.  Stating that it isn't spyware doesn't make it so.  It searches your disk and uploads personal information.  That is spyware.  I was looking forward to ME3 after playing the two previous, but I will not purchase ME3 or any future bioware games that require Origin.  There are plenty of other games out there that aren't security risks.  It's a shame that bioware has chosen the anti-customer the route of Ubisoft.  You used to be a good company.

Origin does nothing of the sort, I answered and provided proof it does no such thing here just yesterday: forum.ea.com/eaforum/posts/list/300/7488935.page#19555964

For those that are still unconvined, I'm working on an Open-Source verion of Origin: 
http://openorigin.sourceforge.net/ 

dmex
Researcher, EA Security Risk Management Team

It didn't do any such thing yesterday.  Do you have any pull to get the wording of the EULA changed to coincide with the statements EA has made about the intrusiveness of their program?  If it's not doing it now, and won't be in the future, that is easily rectified by changing the EULA or allowing an "opt-out" for concerned customers.

Modifié par kofelover, 20 janvier 2012 - 03:08 .

[DRUNK_CANADIAN]

Bogsnot1 wrote...

Merkar wrote...

Bogsnot1 wrote...

Stanley, please take the time to read through my sigs link to Wikipedias very simple explanation of what sandboxing does, and how it is used for legitimate, legal purposes, and has absolutely sod all to do with piracy and copyright circumvention.

It has everything to do with circumventing DRM. The DRM is still active but is prevented from working in the System. It's a gray area for sure but, technically, you're circumventing it.

It has nothing to do with circumventing DRM. If Origin works the way EA claims (only scans its own, and EA games folders), then limiting its access to the Origin & EA related folders will do nothing to circumvent the DRM regime within the games.
If Origin decides to scan outside of those folders for any reason, then we are now getting into the realms of breach of privacy and data protection laws by Origin, and that makes Origin the law breaker, not the customer.

He has a point you know.

[Adugan]

I am a fan of your OpenOrigin, I even linked it in my sig. Can YOU explain why silicon dioxide containers are copyright circumvention?

dmex wrote...

Forbidden wrote...

I will not allow Origin onto my machine.  Stating that it isn't spyware doesn't make it so.  It searches your disk and uploads personal information.  That is spyware.  I was looking forward to ME3 after playing the two previous, but I will not purchase ME3 or any future bioware games that require Origin.  There are plenty of other games out there that aren't security risks.  It's a shame that bioware has chosen the anti-customer the route of Ubisoft.  You used to be a good company.

Origin does nothing of the sort, I answered and provided proof it does no such thing here just yesterday: forum.ea.com/eaforum/posts/list/300/7488935.page#19555964

For those that are still unconvined, I'm working on an Open-Source verion of Origin: 
http://openorigin.sourceforge.net/ 

dmex
Researcher, EA Security Risk Management Team

[Wintersembrace]

@ dmex regardless of how origin operates now (bug or no bug) how running origin in a silicon container is circumventing its DRM after all you being on the EA Security Risk Management Team

Modifié par hotedge, 20 janvier 2012 - 03:18 .

[didymos1120]

Merkar wrote...

It has everything to do with circumventing DRM. The DRM is still active but is prevented from working in the System. It's a gray area for sure but, technically, you're circumventing it.

Um, no it's not.  If it prevented the DRM from working, that would defeat the whole point because then you couldn't activate or play the game. The one and only point is to limit its access to stuff that isn't needed for DRM purposes (and if it's not accessing anything untoward anyway, then it's even silliier to worry about people doing this. The end result is the same).

Modifié par didymos1120, 20 janvier 2012 - 03:04 .

[Dragoonlordz]

Doesn't silicon container block all access to the internet for an application not just restricting the folders accessed? It have been a very, very long time since I used VM so genuine question.

Modifié par Dragoonlordz, 20 janvier 2012 - 03:12 .

[kofelover]

Dragoonlordz wrote...

Doesn't sand boxing block all access to the internet for an application not just restricting the folders accessed? It have been a very, very long time since I used VM so genuine question.

Dragoonlordz, be careful about using that word -- maybe silicon container? - so the ban hammer doesn't come down.

[Dragoonlordz]

kofelover wrote...

Dragoonlordz wrote...

Doesn't silicon container block all access to the internet for an application not just restricting the folders accessed? It have been a very, very long time since I used VM so genuine question.

Dragoonlordz, be careful about using that word -- maybe silicon container? - so the ban hammer doesn't come down.

Ok sorry. I'll change it. But can someone answer that question.

Modifié par Dragoonlordz, 20 janvier 2012 - 03:13 .

[Aaleel]

Dragoonlordz wrote...

Doesn't silicon container block all access to the internet for an application not just restricting the folders accessed? It have been a very, very long time since I used VM so genuine question.

You can run your browser in it.

[chance52]

Dragoonlordz wrote...

Doesn't silicon container block all access to the internet for an application not just restricting the folders accessed? It have been a very, very long time since I used VM so genuine question.

No, if I were allowed to post a link to specifics I would, but basically to get Origin to work you have to allow it access to everything it needs otherwise it wont work at all. You could try to block its access to the net but then you will find that Origin won't work at all, even to access your already downloaded games.

Modifié par chance52, 20 janvier 2012 - 03:17 .

[Pupuppu]

Dragoonlordz wrote...

Doesn't silicon container block all access to the internet for an application not just restricting the folders accessed? It have been a very, very long time since I used VM so genuine question.

Of course you can block with a sandbox internet access and restrict a lot of other access, as you can do with the windows firewall or file and object properties from the operating system.
In the end of the day there is no difference if you run Origin in a sandbox, VMware, Virtualbox, iphone or a separate computer... all with a new windows installation. You are not circumventing anything.
Sandboxing is probably just more convenient (except having a gaming PC) but still a big hassle, not working flawlessly and may not be what you expect.

[Ryzaki]

chance52 wrote...

Dragoonlordz wrote...

Doesn't silicon container block all access to the internet for an application not just restricting the folders accessed? It have been a very, very long time since I used VM so genuine question.

No, if I were allowed to post a link to specifics I would, but basically to get Origin to work you have to allow it access to everything it needs otherwise it wont work at all. You could try to block its access to the net but then you will find that Origin won't work at all, even to access your already downloaded games.

=/

What? 

Doesn't Origin have an offline version? 

[devSin]

Stanley Woo wrote...

Please do not discuss methods of circumventing Origins in this forum. Continuing to participate in such discussions may result in your post being edited or removed, all the way up to and including a forum ban for discussing forbidden topics and failing to heed Moderator instructions or warnings.

If I get a forum ban (which is really an account ban, as we all know), and Origin is required to play the game, does that mean I'll never be able to play the game again?

I bet it does.

You really know how to treat a fellow, guys. I'm blushing.

[didymos1120]

Dragoonlordz wrote...

Doesn't silicon container block all access to the internet for an application not just restricting the folders accessed?

And that would cause activation to fail.  The DRM would do exactly what it was supposed to in such a circumstance: not allow you to play the game.  The point is to configure the container to do what is required to allow the DRM to work and no more. I think going to such lengths is a waste of time myself, but it would obviously let some people feel better about having to consort with Origin, and that would mean...more copies sold.  

[Pupuppu]

dmex wrote...

For those that are still unconvined, I'm working on an Open-Source verion of Origin: 
http://openorigin.sourceforge.net/ 

dmex
Researcher, EA Security Risk Management Team

As the repository is still empty, can we expect to see the source soon and do you plan this client as a real alternative to the EA Origin client where the community can contribute or is this just a proof of concept?

[chance52]

Ryzaki wrote...

chance52 wrote...

Dragoonlordz wrote...

Doesn't silicon container block all access to the internet for an application not just restricting the folders accessed? It have been a very, very long time since I used VM so genuine question.

No, if I were allowed to post a link to specifics I would, but basically to get Origin to work you have to allow it access to everything it needs otherwise it wont work at all. You could try to block its access to the net but then you will find that Origin won't work at all, even to access your already downloaded games.

=/

What? 

Doesn't Origin have an offline version? 

Yes but I am speaking in very generic terms because to get too specific you get banned.  Plus you still need to sign in before going offline.

[Lux]

Bogsnot1 wrote...

It has nothing to do with circumventing DRM. If Origin works the way EA claims (only scans its own, and EA games folders), then limiting its access to the Origin & EA related folders will do nothing to circumvent the DRM regime within the games.
If Origin decides to scan outside of those folders for any reason, then we are now getting into the realms of breach of privacy and data protection laws by Origin, and that makes Origin the law breaker, not the customer.

My purpose wasn't to say that "sandbox security software" is a good or a bad thing. It was to indicate why they might be on the fence with this. I use a virtual machine all the time in my work to test new server configurations before making changes to the real one, and this sort of thing is really useful to have.

Now, when it comes to copyright AND provide services to customers; with Origin that includes searching the hard disk in order to aggregate EA games into the manager, querying the system if it has internet connection in order to activate offline mode, restoring a game from a backup, activating DLCs, activating games purchased from other distributors and so on. This sort of security software can effectively disrupt the functions for what Origin was designed for (it could also be used to extrapolate cracks but there's abuse in usage for all sorts of things). I'd think that this barring of functions from Origin, being part of their Digital Rights Management platform, may be in infringement of their EULA.

So there, that's my reasoning on why I think they have concerns on the issue.

Modifié par Merkar, 20 janvier 2012 - 03:35 .

[Dragoonlordz]

chance52 wrote...

Dragoonlordz wrote...

Doesn't silicon container block all access to the internet for an application not just restricting the folders accessed? It have been a very, very long time since I used VM so genuine question.

No, if I were allowed to post a link to specifics I would, but basically to get Origin to work you have to allow it access to everything it needs otherwise it wont work at all. You could try to block its access to the net but then you will find that Origin won't work at all, even to access your already downloaded games.

Ok thanks because like I said it has been many years since touched VM. I still have no desire to do this or use VM as I personally have no problem with Origin. 

The reason I asked is because I can only guess that there are maybe two specific DRM functions that Origin could use.

(a) DRM could be based on built into the application to scan it's own folders incase someone tampers and tries to crack the game and client inside those folders which all most all cracks do (replace the executable or change it) then locally block/lock it (game/client) from user if they try to do so.

( DRM could also be scanning of its own folders and the client itself then uploading the results of just its own game folders and client scanned to EA to handle when next connect to the internet. 

Both are DRM. Both do the same thing except one is handled right away on your machine the other is handled by EA so it would of been circumventing DRM if stop it from sending anything about it's own folders and client forever when the game will I assume say as requirement of game itself is an internet connection on box like most games do now even if for activation including Skyrim which is single player game. But as you said this wasn't the case I guess it might not apply here dependant on user.

But in order to not make it always online type DRM it has to allow for instances where may lose a connection to the internet legitimately or if traveling with no internet connection at time so can still play game and that is reasonable to me. Now the fact you have to activate it online in first place would seem to me that the requirement of an internet connection listed on the box that those who buy it do have a internet connection in first place so forever permenantly pulling out the cable would be also circumventing the DRM in example (.

I guess it depends on how the application handles the DRM whether built in or through connection to EA periodically. Thats the only two types of DRM I can think it might use. But if you do not block access to the internet permenantly in order to bypass if used ( mentioned above I guess it doesn't seem as circumventing to me, however if do block it from (forever) sending any information about it's own games folders and client then I do consider that cirumventing because the box says or  will, that requirement of the game is/will be an internet connection. But reasonable reasons why cannot connect such as lost connection for period of time or internet going down is fair and that is allowed through offline mode in the client.

This is just imho and doesn't make it true, just a guess and opinion.

Modifié par Dragoonlordz, 20 janvier 2012 - 03:46 .

[didymos1120]

devSin wrote...

If I get a forum ban (which is really an account ban, as we all know), and Origin is required to play the game, does that mean I'll never be able to play the game again?

Not around here, typically.  I got temp-banned from BSN myself recently. Didn't affect my games.  The risk of losing access occurs when someone uses the "Report this post" (or "Report this User" if you're on someone's profile) function which bypasses the BSN mods and sends the complaint to EA. Or posting on the actual EA forums themselves.  And I use the term "risk" advisedly, as not everyone who gets a forum ban loses access.  If they did, there'd be a whole hell of lot more cases showing up in the gaming media than the ones covered so far.

Modifié par didymos1120, 20 janvier 2012 - 03:34 .

[RAF1940]

I'm not buying any more EA PC games.

Sorry BioWare.

[Dragoonlordz]

didymos1120 wrote...

devSin wrote...

If I get a forum ban (which is really an account ban, as we all know), and Origin is required to play the game, does that mean I'll never be able to play the game again?

Not around here, typically.  I got temp-banned from BSN myself recently. Didn't affect my games.  The risk of losing access occurs when someone uses the "Report this post" (or "Report this User" if you're on someone's profile) function which bypasses the BSN mods and sends the complaint to EA. Or posting on the actual EA forums themselves.  And I use the term "risk" advisedly, as not everyone who gets a forum ban loses access.  If they did, there'd be a whole hell of lot more cases showing up in the gaming media than the ones covered so far.

Yeh Bioware never uses EA account bans just forum suspensions and forum bans.

EA account bans is solely handled by EA on their own forums, monitored online games, DRM and report button on this forum goes direct to EA bypassing Bioware.

[Pupuppu]

chance52 wrote...

Yes but I am speaking in very generic terms because to get too specific you get banned.  Plus you still need to sign in before going offline.

You can block origin.exe after installation in you vendor specifc firewall after game activation to be permanently offline.
If you don't have a vendor specific firewall you can use the windows firewall to quickly toggle offline mode on and off.

Create a shortcut with administrative rights:
Turn on offline mode:

netsh advfirewall firewall add rule name="Origin_Offline" dir=out action=block program="C:\\Program Files (x86)\\Origin\\Origin.exe"

Optional do this in a batch job and run origin.exe after this.

Then another shortcut to turn Offline mode off, also with administrative right:

netsh advfirewall firewall delete rule name="Origin_Offline"

[Dragoonlordz]

Pupuppu wrote...

chance52 wrote...

Yes but I am speaking in very generic terms because to get too specific you get banned.  Plus you still need to sign in before going offline.

You can block origin.exe after installation in you vendor specifc firewall after game activation to be permanently offline.

And if the DRM is as I described in option ( on other page then you are circumventing the DRM by doing that but not option (a). I do not know which they use. But I believe it may be ( not (a). Could even be both.

Modifié par Dragoonlordz, 20 janvier 2012 - 04:02 .

[Harley_Dude]

The DLC store could have been entirely web based with no need for a client. EA would still get thier DLC monopoly without having ANY client side software. Signing into an EA server when the game starts could pass a certificate authorizing that machine to run the game. From that point forward no interrnet connection would be required until the certificate expired. Releasing the source code doesn't satisify my privacy concern because whatever scans performed are most likelly done with Microsoft Windows APIs.