Google Engineer Discovers Vulnerabilities In Ubisoft’s DRM System

Tavis Ormandy – engineer for Google – stumbled upon what seems to be a serious vulnerability in Ubisoft’s DRM system. After purchasing an Ubisoft game, he found out that its Uplay browser plugin may have some security issues as it allows remote and “wide access” to machines running the DRM.

DRM stands for Digital Rights Management and is an essential tool against piracy as it lets developers to control who can copy, install and use their products. However, the DRM system often failed to work properly, thus leading to unwanted side-effects – cause of frustration for legitimate users.

According to Tavis Ormandy, the Uplay DRM system (developed and used by Ubisoft) can make things even worse:

“While on vacation recently I bought a video game called Assassin’s Creed Revelations. I didn’t have much of a chance to play it, but it seems fun so far,” he wrote on the Full Disclosure mailing list yesterday.

“However, I noticed the installation procedure creates a browser plugin for its accompanying Uplay launcher, which grants unexpectedly (at least to me) wide access to websites. I don’t know if it’s by design, but I thought I’d mention it here in case someone else wants to look into it.”

After a day he was back with an update:

“I got it working,” he said.

“I submitted it to Ubisoft via the online form.”

What we understand from this is that hackers can easily take advantage on this vulnerability as soon as they figure it out, opening doors for malicious software, keyloggers, bots, etc.

The list of games using Uplay DRM is extensive; some of the biggest names include the Assassins Creed series, Call of Juarez: The Cartel, Driver: San Francisco, Silent Hunter 5: Battle of the Atlantic, and Tom Clancy games. A full list can be seen here.

• 

• 

• Recent Posts

  • The Pirate Cinema – Displaying Downloads As They Happen
  • Online Streaming Makes BitTorrent Drop Considerably in US, Report Claims
  • Teacher Detained By Police After Uploading A $4 Dollar History Book
  • Two Major Movie Hubs Blocked By UK’s ISPs
  • WhereToWatch.org – MPAA’s “Plan” To Curb Piracy

• Advertising

• Archives

  • May 2013
  • April 2013
  • March 2013
  • February 2013
  • January 2013
  • December 2012
  • November 2012
  • October 2012
  • September 2012
  • August 2012
  • July 2012
  • June 2012
  • May 2012
  • April 2012
  • March 2012
  • February 2012
  • January 2012
  • December 2011
  • November 2011
  • October 2011
  • September 2011
  • August 2011
  • July 2011
  • June 2011
  • May 2011
  • April 2011
  • March 2011
  • February 2011
  • January 2011
  • December 2010
  • November 2010
  • October 2010
  • September 2010
  • August 2010
  • July 2010
  • June 2010
  • May 2010
  • April 2010
  • March 2010
  • February 2010
  • January 2010
  • December 2009
  • November 2009
  • October 2009
  • September 2009
  • August 2009
  • July 2009
  • June 2009
  • May 2009
  • April 2009
  • March 2009
  • February 2009
  • January 2009
  • December 2008
  • November 2008
  • October 2008
  • September 2008
  • August 2008
  • July 2008
  • June 2008
  • May 2008
  • April 2008
  • March 2008
  • February 2008
  • January 2008

• Useful Links

  Mp3Treat
  Immunos
  Download-Boosters
  Downeu
  Movie Database

• MUSIC TORRENTS

  • Slade - Greatest Hits Feel The Noize [Bubanee]
  • Brotha Lynch Hung & MC Eiht - The New Season (2006)
  • Ganyani - House Grooves 8
  • Quarterflash - Quarterflash 1981 EAC FLAC
  • DJ Revolution - R2k Version 1.0 (1999)
  • Bootsauce 5 Albums
  • Christopher Cross - Definitive Greatest Hits [Bubanee]
  • Mafikizolo - Reunited
  • Scooter - Discografi [studiinie albomi] (1995-2012) [FLAC]
  • Ingrid Lucia - 2004 - Almost Blue FLAC

• MOVIE TORRENTS

  • Snitch 2013 BRRip XviD AC3-SANTi
  • Fast And Furious 6 2013 CAM NEW AUDiO XViD - JUSTiCE
  • Snitch (2013) 1080P DTS + DD 5.1 Custom NLsubs NLtoppers
  • La Revolucion de Juan Escopeta (2010) DVD NTSC Latino
  • Snitch 2013 BDRip XviD-AN0NYM0US
  • Snitch 2013 720p BRRip x264-PLAYNOW
  • Hang Loose 2012 HDRip XVID AC3 HQ Hive-CM8
  • A Good Day to Die Hard 2013 RERIP DVDRip XviD-SPARKS
  • The Pledge 2001 720p HDTV x264-PLAYNOW
  • Iron Man 3 2013 720p R6 HDScr ENG-SUBS AAC $MURDER$

• PC GAMES

  • Resident Evil Revelations DLCS Repack By Rick Deckard Uploaded NASWARI ZOHAIB
  • Resident Evil Revelations Repack By AudioSlave Uploaded NASWARI ZOHAIB
  • Fast Furious Showdown 3DM
  • Metro Last Light Update 3 P2P
  • Red Orchestra 2 Rising Storm by RG GameWorks
  • Chronicles of Vida The Story of the Missing Princess HOG Puzzle Wendy99
  • Resident Evil Revelations FLT
  • Resident Evil Revelations FLT
  • Resident Evil Revelations RePack
  • Hydrophobia Prophecy RePack By R G Mechanics Uploaded NASWARI ZOHAIB

• 

• Site Navigation

  • FAQs
  • File-Sharing Programs/P2P Clients
  • Glossary
  • How-to Guides/Tutorials
  • P2P File-Sharing Guides
  • P2P Reviews
  • Top 10 Most Popular P2P File Sharing Clients of 2010/2011
  • Top 12 Best Mac P2P Clients
  • Top 20 Bit Torrent Search Engine Sites
  • Top Watch-for-Free Sites
  • Best Torrent Sites (profile lists)
  • Tips, Apps & Services
  • Torrent Search
  • Top 6 Internet Download Managers
  • Fileshare Newser (app) – All about FileSharing, Copyright and Internet Freedom
  • Top 10 Most Popular P2P File Sharing Clients of 2011/2012
  • Tips, Apps & Services

• Advertising

• News Areas

  • Announcements & Events (2865)
  • Digital Media, Mobile Phones, P2P technology (293)
  • Downloads (715)
  • Entertainment Industry (566)
  • File-Sharing Programs, Networks & Services (1345)
  • Legal P2P News & Issues (1245)
  • Movies, MP3, Digital Audio & Games (660)
  • Tops (455)

• Tags

  anti-piracy Apple BitTorrent copyright copyright infringement digital music downloads Facebook file-sharing file-sharing crackdown file sharing applications file sharing service file sharing sites free downloads free music downloads games gaming industry google iphone ISPs legal Legal P2P News & Issues limewire MegaUpload movie downloads movies MPAA music music downloads music industry p2p p2p clients p2p leaks p2p technology piracy riaa social networking The Pirate Bay top downloads top movies torrents UK US uTorrent YouTube

• Download our Android app

  
  
  

• Get your own P2P toolbar

  Featuring: P2P News, Tips, Radio, etc.

• Advertisment

• DOCUMENTARIES

  • Il Grande Nord Doc
  • Pina 2011 720p BluRay CRITERON DTS x264 PublicHD
  • The Revisionaries DVDRip x264 NoGrp
  • THE DOORS MR MOJO RISIN 039 THE STORY OF L A WOMAN ALL XTRAS
  • Freddie Mercury The Great Pretender 2012 1080p BluRay x264 PublicHD
  • Shree 600MB WEBRip X264 DDH RG
  • FEU Crazy Horse Paris 3D
  • Known Universe Alien ContactHDTVRip aaaevilacharya
  • Natural Killers Tigre delle PaludiDoc
  • FEU Crazy Horse Paris 2012 BluRay 720p DTS x264 HDCLUB

• About Us

  We are devoted to peer-to-peer (naturally), file sharing, digital media and more. Our website offers useful guides, an extended list of file sharing applications, reviews of the most popular p2p clients and ample p2p related articles. We keep you posted with the hottest p2p news daily and, basically, accompany you through all that peer-to-peer has come to mean. (You can contact us at Contact@p2pon.com)