Wednesday, January 9, 2008

Security through Stupidity

Lately, I've been doing some on-line gaming. This is perchance the only place where a PC is still a preferred platform for gaming. The reason why I've started playing is, of course, my girlfriend, who has been playing the game in question for a while, so I wanted to play with her. And that posed a problem. My PC is about 2-3 years old, uses an AMD Athlon64 CPU, but without virtualization support. While Xen works fine with para-virtualized guests, running a guest OS which doesn't support Xen isn't possible. So, I've decided to turn my eye to a commercial product - VMware.

Now, VMware, unlike Xen, can emulate a PC fully in software, enabling users to run, as a guest, an OS which doesn't support virtualization. The problem is that, to create a virtual machine, you need a product called VMware Workstation, costing about 300 USD. Ouch. However, to run a once created virtual machine, it is sufficient to use VMware Player, which is free and comes bundled with the Workstation. So, I've downloaded a trial version of VMware Workstation, and I was on my way.

The installation was quick and painless, although a bit lengthy. I had a copy of XP around the house, so I've dedicated some 6GB of disk space to it, configured VMware via a user-friendly GUI and went on with the installation. Some time later, it was done. It takes time, but it gets done. Networking was a breeze: with VMware running its own routing daemon, all I had to do was set up a DHCP server, which it recognized and reused for the virtual network. In a few hours I had a fully working Windows XP guest running in an isolated environment.

The next step was to install drivers, which is also done using the VMware Workstation menu. Not really hard, a truly Windows-like click-click-click experience. A few minutes later I was aware that the VMware PCI graphics adapter had its drivers installed :). Silly, but it does bring work up to speed and makes it more responsive. The final step, and the biggest reason why I chose VMware, was Direct 3D. By simply editing the .vmx file describing the virtual machine, and adding three lines to its end:

mks.enable3d = "TRUE"
svga.vramSize = 134217728
vmmouse.present = FALSE


I've instructed VMware to enable Direct 3D support for the virtual machine. And, as dxdiag confirmed, Direct 3D was working. On to gaming :). I've downloaded the game, and started the installation. Now the installation took literally an hour, but, eventually, it worked. I had a Direct 3D game working under a virtual 3D adapter. Nice! And the nicest thing for home users is: that was the end of the need for the VMware Workstation software. From now on the free VMware Player could just as well fire up that virtual machine, and run it, without the need to purchase the full product. How it ran is a different story...

While this is a major thing that the VMware team did, the software isn't meant to run games, and doesn't do that very well. Now, the dislike goes both ways, and I've heard that the game manufacturers treat VMware as a "hacking tool", but still... To run the game you must first allow the Windows PC to fully boot. If you don't give it at least 5 to 10 minutes - it will crash. And I mean BSOD crash. Indeed, I've never seen Windows crash that much - not on a good PC. This is clearly a problem with the virtual machine, showing that, while this does work sometimes, it doesn't work as well as it should. It might be fun and interesting to use, and might even provide a testing ground for very, and I emphasize VERY, simple Direct 3D applications, but it's just not ready for production. Now, I am aware that it's a hidden, not-in-a-menu option just because of this, but still... It's very rough around the edges. Not working I could understand, error messages yes, but BSOD crashes and the need to reboot the virtual machine? Sorry guys, nice effort, but this software still isn't ready to be used as a test platform. Nice try, I'll continue playing with the player (pun intended), but as much as I need a test bed for my work, this just isn't a production tool.

Now, back to the game and the security issues. The game in question, which for now I shall not name, has serious security issues. It's a free game, with income based on the existence of a "Cash shop" inside the game - an Asian concept which does make a lot of income. Players can log in and play for free, but can also purchase items which improve their looks. And we all know looks are everything on-line :). However, the free access policy also created a large number of people who abuse the game and use various "hacks" (small client-side scripts really) to cheat.

The first step the game company took was to use anti-hacking software. It's one of those tools which load the game itself as a hidden process, preventing the user from accessing the game, or even its memory space, directly. Not very elegant but working and, I'm guessing, the reason why they are against VMware - it allows you to access the memory of the entire OS, thus defeating such protection. Then again so does an ICE debugger... And, while I do support security, I find this very silly. Secondly, the software also monitors the system in a spyware-like manner, and searches the memory for known "hacks". Not too bad an idea, I'd actually like it if the source to the tool was available, but not a very efficient one. You see, this only stops people from using game cracks that the developers are aware of - a new one cannot be detected, and in reality, the game is still full of those dumb kiddies.

Even worse, and the main reason I'm writing this, is the existence of people who steal others' accounts. As real money is involved, these accounts can be resold for cash, or at least abused. So, they tried to prevent at least that, by stopping the most obvious methods. One of which is, of course, keyloggers. Most of those kids go to warez sites and download various junk. Some even download these "hacks", to find out that they don't work. Or at least, that they aren't "game hacks" but something else. So, for the first time the game company comes up with a good solution. They institute a PIN, a 4-digit code just like on a credit card. And, to prevent keyloggers, the PIN has to be entered on a virtual keyboard by pressing keys with a mouse. And, to top it all off, the key layout is randomised after every key-press. It takes a minute to enter a PIN, but the method is really good. Or it was. And here's why I've named my blog as I did.

After several complaints (I wonder from whom :) ), the game company has decided to allow players to reset their PIN, through a website, by simply entering their username and password. In effect they've decided to allow the users to "recover" the only data not collectible by a keylogger by entering data which the keylogger can pick up, and only that data. And they are keeping the anti-keylogger protection. This is just an "extra feature". Go figure.
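
The design flaw above can be checked mechanically during a review: treat every reset flow as "these secrets grant that secret" and compute everything that follows from what a keylogger records. The sketch below is an added example, not code from the game or from the original post; the secret names, the flow lists and the `email_inbox` channel are hypothetical.

```python
def reachable_secrets(captured, reset_flows):
    """Return every secret controlled after starting from `captured` and
    repeatedly applying any reset flow whose requirements are all met."""
    owned = set(captured)
    changed = True
    while changed:  # iterate to a fixed point: one reset can unlock another
        changed = False
        for required, granted in reset_flows:
            if granted not in owned and set(required) <= owned:
                owned.add(granted)
                changed = True
    return owned


def can_take_over(captured, reset_flows, login_requires):
    """True if the captured secrets plus reset flows satisfy the login."""
    return set(login_requires) <= reachable_secrets(captured, reset_flows)


# Constructed model of the post: a keylogger sees only what is typed.
KEYLOGGER_CAPTURE = {"username", "password"}
LOGIN_REQUIRES = {"username", "password", "pin"}

# Each flow is (secrets demanded, secret that can then be set).
NO_RESET = []                                        # PIN cannot be reset
WEB_RESET = [(("username", "password"), "pin")]      # the "extra feature"
# Hypothetical fix: the reset needs a channel that is never typed in-game.
OUT_OF_BAND = [(("username", "email_inbox"), "pin")]
# Hypothetical regression: that channel is itself recoverable from a typed
# secret, so the PIN falls in two steps instead of one.
CHAINED = [(("username", "email_inbox"), "pin"),
           (("password",), "email_inbox")]

if __name__ == "__main__":
    for name, flows in [("no reset", NO_RESET), ("web reset", WEB_RESET),
                        ("out of band", OUT_OF_BAND), ("chained", CHAINED)]:
        verdict = can_take_over(KEYLOGGER_CAPTURE, flows, LOGIN_REQUIRES)
        print(f"{name:12s} keylogger alone takes over account: {verdict}")
```

A factor is only as strong as the weakest flow that can replace it, so the check has to follow chains of resets rather than look at each flow in isolation.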