36 réponses à ce sujet

[Som.Bra]

I think you should read this:

http://www.polygon.c...users-computers

[SavagelyEpic]

bloody ea ****ing up again.

[Ramsutin]

Well **** you too EA

Modifié par Ramsutin, 19 mars 2013 - 09:37 .

[DeltaSerpentis.m]

Fair warning, this could be boarding on an inapproriate thread...

[Geakker]

I never really understood why EA is so damn successful

[Kittstalkur]

Geakker wrote...

I never really understood why EA is so damn successful

They're actually not doing all that well.

[Team_Seven_Star]

Kittstalkur wrote...

Geakker wrote...

I never really understood why EA is so damn successful

They're actually not doing all that well.

Be quiet, we don't want to jinx it.

[Som.Bra]

DeltaSerpentis.m wrote...

Fair warning, this could be boarding on an inapproriate thread...

I think peaple have the right to know. But thanks for the heads up.

[KiraTsukasa]

In order to do that, the malicious code has to be put on your computer. If you're not downloading stuff that you shouldn't be, there's no problem. If someone sends you a link, don't click on it unless you know exactly what it is, that's Internet Security 101.

[dstrawberrygirl]

There were at least two or three threads on this yesterday. Steam had same issue last year.

/thread

[Tech Domain]

Working as intended.

[Feneckus]

DeltaSerpentis.m wrote...

Fair warning, this could be boarding on an inapproriate thread...

That got locked ?

My God ....... 

Oh well, can't say I'm surprised 

[chefcook90]

Som.Bra wrote...

DeltaSerpentis.m wrote...

Fair warning, this could be boarding on an inapproriate thread...

I think peaple have the right to know. But thanks for the heads up.

I'm pretty sure Ninja Stan locked a thread about this exploit the other day.

...Unless that thread was about a completely different exploit.

Honestly, I've lost track of how many leaks and backdoors Origin has.

[TookYoCookies]

Kittstalkur wrote...

Geakker wrote...

I never really understood why EA is so damn successful

They're actually not doing all that well.

^ This.

Luckily Riccitiello leaving later this month, hopefully some one steps in that knows WTF it is their suppose to be doing exactly.

[chefcook90]

TookYoCookies wrote...

Kittstalkur wrote...

Geakker wrote...

I never really understood why EA is so damn successful

They're actually not doing all that well.

^ This.

Luckily Riccitiello leaving later this month, hopefully some one steps in that knows WTF it is their suppose to be doing exactly.

*GASP*

What if Blizzard Activision buys them out!?

[Fated Xtasy]

wow i sorta feel sorry for pc gamers.sorta

[Pyroninja42]

chefcook90 wrote...

TookYoCookies wrote...

Kittstalkur wrote...

Geakker wrote...

I never really understood why EA is so damn successful

They're actually not doing all that well.

^ This.

Luckily Riccitiello leaving later this month, hopefully some one steps in that knows WTF it is their suppose to be doing exactly.

*GASP*

What if Blizzard Activision buys them out!?

That would be godawful.

[upinya slayin]

Som.Bra wrote...

I think you should read this:

http://www.polygon.c...users-computers

dat master race

[DeltaSerpentis.m]

KiraTsukasa wrote...

In order to do that, the malicious code has to be put on your computer. If you're not downloading stuff that you shouldn't be, there's no problem. If someone sends you a link, don't click on it unless you know exactly what it is, that's Internet Security 101.

This issue isn't as simple as, don't click the link in the email sent from a .ru domain...

To be fair, it is a basic issue with URI handlers. It makes whatever application essentially a browser plugin, because once you click the "handle all future links" option (or whatever it is in your browser of choice), you have then opened up a "trusted" path between the internet and the handler in question.  If in the case of Origin or Steam (because this vuln affects Steam too), that browser plugin is actually executing whatever code is found at the URI, it executes that code with your user priviliges, and doesn't stop to see if it's the intended executable or some malicious payload, because you've told it that everything coming from that URI path is safe, it's called "whitelisting".  

Modifié par DeltaSerpentis.m, 19 mars 2013 - 10:03 .

[nicethugbert]

Danger lurks.

I reopened that closed thread yesterday and it's still open: http://social.biowar.../index/16316537

I recomend not just readying the article, but, read the paper that describes the problem becasue the conclusion of the paper mentions software that can stop origin from processing the unsecure web requests.  I tried it yesterday and was able to play ME3 MP without a noticable issue.

Also, my understanding and recollection of the problem is that web browsers can process web pages that can make Origin download and run malicious code.  So, you should be safe if you are not using a browser.

Modifié par nicethugbert, 19 mars 2013 - 10:07 .

[Jhanus]

chefcook90 wrote...

Som.Bra wrote...

DeltaSerpentis.m wrote...

Fair warning, this could be boarding on an inapproriate thread...

I think peaple have the right to know. But thanks for the heads up.

I'm pretty sure Ninja Stan locked a thread about this exploit the other day.

...Unless that thread was about a completely different exploit.

Honestly, I've lost track of how many leaks and backdoors Origin has.

Same topic. Pretty sure it was locked because of the first sentence in the OP, and many of the replies. Not what it was about.

[Kittstalkur]

Pyroninja42 wrote...

chefcook90 wrote...

*GASP*

What if Blizzard Activision buys them out!?

That would be godawful.

Aside from Diablo 3, Blizact hasn't been doing too horribly lately. Though EA's been making a far bigger mess of things, so they've gotten far more attention.

[KiraTsukasa]

DeltaSerpentis.m wrote...

KiraTsukasa wrote...

In order to do that, the malicious code has to be put on your computer. If you're not downloading stuff that you shouldn't be, there's no problem. If someone sends you a link, don't click on it unless you know exactly what it is, that's Internet Security 101.

This issue isn't as simple as, don't click the link in the email sent from a .ru domain...

To be fair, it is a basic issue with URI handlers. It makes whatever application essentially a browser plugin, because once you click the "handle all future links" option (or whatever it is in your browser of choice), you have then opened up a "trusted" path between the internet and the handler in question.  If in the case of Origin or Steam (because this vuln affects Steam too), that browser plugin is actually executing whatever code is found at the URI, it executes that code with your user priviliges, and doesn't stop to see if it's the intended executable or some malicious payload.  

And this come back to "if you don't know what it is, don't click on it" because who would ever install something that they have no idea what it is?

That's like a hooker without a condom.

[adamBIOTIC]

Click on me, I have a new Patch for you guys muahaha

Thanks for the warning though!

Modifié par adamBIOTIC, 19 mars 2013 - 10:19 .

[DeltaSerpentis.m]

Kittstalkur wrote...

Aside from Diablo 3, Blizact hasn't been doing too horribly lately. Though EA's been making a far bigger mess of things, so they've gotten far more attention.

I was wondering if someone would bring up Dia-fiascio III...Blizzard actually has two of the 5 worst launches in history under it's belt, Diablo III and WoW (not that many people here are probably old enough to rememeber that launch...)