We’ve said it many times before and we’ll say it again: DRM is a digital cancer on the modern era. It is a continued failed attempt by organizations to artificially control something they can’t – the preservation of antiquated business models and anti-consumer practices. And once again, it is cause for a massive security hole.
Taking a nod from Sony’s good ‘ol root-kit days, a bunch of hackers have discovered that Ubisoft’s DRM on their latest titles installs a highly unsecure browser plugin that is essentially a gaping back door to your system. The problem with this is that, according to Hacker News, any website can tap exploit this hole(s) created by Ubisoft.
Skimming through some of the comments on Hacker News seems to indicate the hole wasn’t intentionally left (as some would argue in Sony’s case) and more-so the work of inexperienced developers. As TechDirt notes, the basic principle here was to allow a website to launch a game — completely acceptable and normal. Unfortunately, Ubisoft stopped there instead of limiting it to just the game in question which in turn opens the door to a whole host of problems. It’s also worth noting that, unlike Sony’s root-kit, this browser plugin in question is easily removed.
Something of this nature should be easily found and closed before shipping a multi-million dollar product to millions of people, no?
*Sigh* Once again DRM does far more harm than good.
List of “affected” games:
- Assassin’s Creed II
- Assassin’s Creed: Brotherhood
- Assassin’s Creed: Project Legacy
- Assassin’s Creed Revelations
- Assassin’s Creed III
- Beowulf: The Game
- Brothers in Arms: Furious 4
- Call of Juarez: The Cartel
- Driver: San Francisco
- Heroes of Might and Magic VI
- Just Dance 3
- Prince of Persia: The Forgotten Sands
- Pure Football
- Shaun White Skateboarding
- Silent Hunter 5: Battle of the Atlantic
- The Settlers 7: Paths to a Kingdom
- Tom Clancy’s H.A.W.X. 2
- Tom Clancy’s Ghost Recon: Future Soldier
- Tom Clancy’s Splinter Cell: Conviction
- Your Shape: Fitness Evolved