World of Warcraft Screenshots Contain Your Account Info

[IanDavis]

World of Warcraft Screenshots Contain Your Account Info

Blizzard may be using account details hidden in screengrabs to hunt down pirates.

Taking a screenshot in World of Warcraft might do more than just show off your full armor set. Clever posters over at <a href=http://www.ownedcore.com/forums/world-of-warcraft/world-of-warcraft-general/375573-looking-inside-your-screenshots.html>OwnedCore discovered data hidden inside their screenshots. In-game pictures contain your account ID, a timestamp, and the IP address of your server. The data is encrypted by a technique called steganography, which hides a secret watermark in each picture.

While actual account passwords are not revealed, it remains possible that hackers could somehow use this data to harass or compromise your account, especially now that this technique is in the open. Basically, when it comes to matters of account security, it's generally best not to disclose anymore than you have to.

While Blizzard has yet to issue any official announcement on the discovery, the watermarking seems to be a way to root out private servers or other infringing activities. By reporting the server IPs Blizzard could locate and shutdown pirated games, especially if any users were silly enough to post screenshots on official forums.

This watermark can be found on screenshots going all the way back to 2008, around the time of the Activision-Blizzard merger.

Thankfully, the fix is pretty easy. Concerned players can either use high-quality screenshots (using the '/console SET screenshotQuality "10"' command), or use a third party screenshot utility to ensure their details don't inadvertently leak out.

Source: <a href=http://www.rockpapershotgun.com/2012/09/12/wow-screenshots-allegedly-include-acct-names-ip-info>Rock Paper Shotgun

Permalink

 

[Aeshi]

Couldn't you just use the "Printscreen" button[footnote]or 'Shift+3' if you're playing on a Mac.[footnote]and whatever the Linux version of those two are I guess.[/footnote][/footnote] to get around this?

Because if you can then anyone stupid enough to get caught by this deserves the fate they get.

 

[Fappy]

Shady practice is shady. Good thing I never shared any of my old screenshots.

 

[lancar]

sneaky. verry sneaky

They could've encrypted the hidden text as well, though, so that it needed a key only blizzard had to unlock. That way a discovered watermark would still only be gibberish to anyone else.

 

[Shinsei-J]

Wow, 2008, it's incredible that this info has been hidden for that long.
Impressive Blizzard, impressive.

 

[LordLundar]

Actually, if anyone had done ANY research into the information they would find that any of the information is useless outside Blizzard.

-It's an Account ID aka an alphanumeric code only used inside Blizzard and without the database linking a proper account name with their account ID it's useless.

-It's the SERVER IP not the PLAYER's IP. Someone trying to run a trace will find out it's only the server they're trying to harass.

I will repeat: There is NO information in that watermark that is useful to anyone outside blizzard.

Knowledge is power and the people perpetuating this BS paranoia are clearly unarmed. Apparently Andy isn't the only one who can relink bad articles.

 

[KeyMaster45]

Couldn't you just use the "Printscreen" button[footnote]or 'Shift+3' if you're playing on a Mac.[footnote]and whatever the Linux version of those two are I guess.[/footnote][/footnote] to get around this?

Because if you can then anyone stupid enough to get caught by this deserves the fate they get.

Print screen is how you take screenshots in WoW, then the game automatically saves what you took to the WoW folder. Also up until now nobody knew about this so they had no reason to be afraid of letting the game auto save the picture. It's had that function since it's release in 2004 and according to the group that found this the watermarks don't show up on any screenshots prior to Blizzard's merger with Activision in 2008.(apply tinfoil hat if you so feel like) As it stand anyone who's posted a screenshot since 2008 to the internet was caught by this, so it's rather callous to say they deserve whatever happens when they had no idea of a security threat in the first place.

 

[DugMachine]

Actually, if anyone had done ANY research into the information they would find that any of the information is useless outside Blizzard.

-It's an Account ID aka an alphanumeric code only used inside Blizzard and without the database linking a proper account name with their account ID it's useless.

-It's the SERVER IP not the PLAYER's IP. Someone trying to run a trace will find out it's only the server they're trying to harass.

I will repeat: There is NO information in that watermark that is useful to anyone outside blizzard.

Knowledge is power and the people perpetuating this BS paranoia are clearly unarmed. Apparently Andy isn't the only one who can relink bad articles.

Dunno if this is legit but you sound convincing so guess nothing to worry about . Never shared my screenshots anyways

 

[Rainforce]

and whatever the Linux version of those two are I guess.

That's also the print screen button, just like on windows.
OT: well....gentlemen, it's time to get your tinfoil hats out. [http://www.ehow.com/how_2049858_make-tinfoil-hat.html]

 

[Aeshi]

Print screen is how you take screenshots in WoW, then the game automatically saves what you took to the WoW folder. Also up until now nobody knew about this so they had no reason to be afraid of letting the game auto save the picture. It's had that function since it's release in 2004 and according to the group that found this the watermarks don't show up on any screenshots prior to Blizzard's merger with Activision in 2008.(apply tinfoil hat if you so feel like) As it stand anyone who's posted a screenshot since 2008 to the internet was caught by this, so it's rather callous to say they deserve whatever happens when they had no idea of a security threat in the first place.

Are you sure? Because on my copy of the game "Take Screenshot" is bound to my Home key, and I can still take pictures with Printscreen and then pasting the result into Paint.

Perhaps that does justify it a tiny bit, but you'd still have to be pretty stupid to get caught out by that when you've found a workaround for literally everything else. (and of course they had no idea there was a Security Threat, that's what makes it a "Security THREAT" and not a "Security mild inconvenience")

 

[Fliegar]

Think logically for a second. Blizzard is actively trying to get people to be more secure with their accounts. They really get nothing but a headache if your account gets hacked. If they were to release your account name, or any information that could be used to steal your account, they'd just make things harder on themselves.

The server IP is exactly what LordLundar said. They're not going to somehow trace your IP based on the watermark. The User ID is the unique identifier for each account in the database, or each set of entries. If they had access to Blizzard's database, they COULD technically match it up and find your account name, but your password will still be stored as encrypted data.

 

[Rad Party God]

Well, it's a good thing I always took my pictures with Xfire and even if I'd still play the game, I'd use Steam; I never take pictures from inside the game, I always use a third party software for my pictures.

 

[Gameguy20100]

Blizzard is doing this to help us right i feel like a lioness when the male has eaten her cubs i dont know where we stand anymore and they arnt having any of my zebra to night thats for fucking sure

 

[Baldr]

Pretty sophisticated technology for 2007. Still don't know about what the data actually contains.

 

[Mike Kayatta]

Actually, if anyone had done ANY research into the information they would find that any of the information is useless outside Blizzard.

-It's an Account ID aka an alphanumeric code only used inside Blizzard and without the database linking a proper account name with their account ID it's useless.

-It's the SERVER IP not the PLAYER's IP. Someone trying to run a trace will find out it's only the server they're trying to harass.

I will repeat: There is NO information in that watermark that is useful to anyone outside blizzard.

Knowledge is power and the people perpetuating this BS paranoia are clearly unarmed. Apparently Andy isn't the only one who can relink bad articles.

So, when you say if "anyone had done ANY research into the information", you'd hoped that the author of this post would have reported that "It's the Account ID" and the "SERVER IP." So, basically, precisely what he wrote in the article.

In-game pictures contain your account ID, a timestamp, and the IP address of your server.

I'm very confused as to what grounds you attack both Ian and Andy.

 

[Ferisar]

Actually, if anyone had done ANY research into the information they would find that any of the information is useless outside Blizzard.

-It's an Account ID aka an alphanumeric code only used inside Blizzard and without the database linking a proper account name with their account ID it's useless.

-It's the SERVER IP not the PLAYER's IP. Someone trying to run a trace will find out it's only the server they're trying to harass.

I will repeat: There is NO information in that watermark that is useful to anyone outside blizzard.

Knowledge is power and the people perpetuating this BS paranoia are clearly unarmed. Apparently Andy isn't the only one who can relink bad articles.

So, when you say if "anyone had done ANY research into the information", you'd hoped that the author of this post would have reported that "It's the Account ID" and the "SERVER IP." So, basically, precisely what he wrote in the article.

In-game pictures contain your account ID, a timestamp, and the IP address of your server.

I'm very confused as to what grounds you attack both Ian and Andy.

Considering all news articles are dictated by tone of writing, I can see him having beef with a written piece that says, out of the blue: "While actual account passwords are not revealed, it remains possible that hackers could somehow use this data to harass or compromise your account, especially now that this technique is in the open".

You can use this data inasmuch as I can use random e-mail scams targeted at the WoW demographic via just sending said e-mails to random people in hopes one of them is silly enough to type things into places they shouldn't. The information provided in these screenshots is useless, and creating unnecessary paranoia is, well, unnecessary.

The mis-quote wasn't necessary, however. The particular piece of information in what these screenshots contain was reported correctly.

Maybe explain what "server IP" means for simplicity's sake, but honestly the rest is, in my humble opinion, written tone.

 

[KeyMaster45]

Print screen is how you take screenshots in WoW, then the game automatically saves what you took to the WoW folder. Also up until now nobody knew about this so they had no reason to be afraid of letting the game auto save the picture. It's had that function since it's release in 2004 and according to the group that found this the watermarks don't show up on any screenshots prior to Blizzard's merger with Activision in 2008.(apply tinfoil hat if you so feel like) As it stand anyone who's posted a screenshot since 2008 to the internet was caught by this, so it's rather callous to say they deserve whatever happens when they had no idea of a security threat in the first place.

Are you sure? Because on my copy of the game "Take Screenshot" is bound to my Home key, and I can still take pictures with Printscreen and then pasting the result into Paint.

Perhaps that does justify it a tiny bit, but you'd still have to be pretty stupid to get caught out by that when you've found a workaround for literally everything else. (and of course they had no idea there was a Security Threat, that's what makes it a "Security THREAT" and not a "Security mild inconvenience")

Print screen is what's always done the trick for me, then again it never occurred to me that they would also bind that function to the home key. I'm not saying that there aren't options to workaround this problem, just that since this is something that effects people's posted screenshots going all the way back to 2008 that unless they've kept a detailed account of where they've uploaded/posted/linked them you can't really say they deserve negative consequences. (then again I don't think anyone actually deserves to have their personal accounts compromised, especially to threats they had no prior awareness of) Even now that it's out in the open there will remain people who never hear about this and continue on their merry way.

Those of us who are actively concerned about our online security we'll patch this little leak in our defense and then turn our attention to why the crap was this deliberately put there in the first place. Though the sad fact is a vast, vast majority of people are complacent or simply naive about their online security. The Blizzard CS forums are testament to that with the multitude of people who's accounts are hacked and have no idea how it could have happened. Lord knows Blizzard has tried to idiot proof their system (though this incident dose raise questions about wtf they were think with this watermark) and yet accounts are still compromised. What may seem like common sense security measures to you or me is something that someone else would have never dreamed they'd need to watch out for. Unfortunately most people don't become concerned about their security until after they've been hit with the consequences, and even then there will steps they could take which they will either not know of or understand how to carry.

The solution to this particular problem may be simple, but I don't agree that anyone who is affected negatively deserves those consequences. Especially because they'd be the direct result of Blizzard plastering just enough info so the account hackers can get their foot in the door.

 

[Viper114]

When they say "server IP" I think they mean which server you are connected to in order to play WoW, rather than your personal IP. Because the way I see it, they're wanting to see if the IP address is one of their own servers, and if it isn't, they've found out the IP of the server that's illegally hosting the game so they can stamp it out.