Double KO! Capcom's Street Fighter V installs hidden rootkit on PCs

A fresh update for Capcom's Street Fighter V for PCs includes a knock-out move: a secret rootkit that gives any installed application kernel-level privileges. This means any malicious software on the system can poke a dodgy driver installed by SFV to completely take over the Windows machine. Capcom claims it uses the driver to …

Anonymous Coward

Secret Rootkit! HADOUKEN!!!

Has SONY bought CAPCOM?

45
0
Pint

Re: Secret Rootkit! HADOUKEN!!!

Nope, but I suspect it may be a case of the Konami, i.e. CEO position usurped by corrupt corporate executive, who demands DRM because more money. You'd think something was up when someone as high ranking as Keiji Inafune packs up and leaves.

2
0
Silver badge

Re: who demands DRM because more money.

It's not DRM, it's anti-cheating. Still stupid, but for a nobler reason.

2
0
Anonymous Coward

Re: Secret Rootkit! HADOUKEN!!!

No, Hillary Clinton did. She needs a new server or two for her emails.

0
0
Silver badge
Facepalm

Un-fucking-believable.

Will any of these companies ever realise that when another company is caught with its pants down doing something stupid like this, the lesson they should learn is NOT TO DO the same thing, not TO DO the same thing.

44
0
Silver badge

All it would take is for a Fortune 100 CEO (looking at you Wells Fargo) to do a perp walk (forget convicting him even if you do the SCOTUS will overturn it). Which means yeah never.

13
1

A few hundred thousand malicious damage charges might get...

...the message through.

1
0

Why the double standard here?

Why is it that this sort of behavior is 'criminal activity' when some folks do it, but an 'honest mistake' when companies do?

"Whoops! Sorry about that badly written backdoor, mates! Let's just put this whole thing behind us. No harm done*!"

44
1
Silver badge

Re: Why the double standard here?

>Why is it that this sort of behavior is 'criminal activity' when some folks do it, but an 'honest mistake' when companies do?

One has shareholders to blow.

8
0

Re: Why the double standard here?

Limited Liability, same reason no one goes to jail when the oil companies try to save a few pennies on piping, or when the banks steel millions. Can't send a bit of paper to jail, or can you?

11
1
Coat

Re: Why the double standard here?

It's the foundries that mill steelions.

20
0
Silver badge

Re: Why the double standard here?

Limited Liability does not apply to criminal proceedings against a person. It is a strictly financial concept.

The issue is that neither in Sony's case, nor here there was a prosecutor brave enough (and interested enough) to file charges.

15
0
Silver badge

Re: Why the double standard here?

Technically, not a double standard as somewhere deep in the T&Cs/EULA there will be a clause to the effect of "If you click the 'I agree' button this will give us the right to fuck with your gear at any level and in any way we see fit, because."

11
0
Headmaster

Re: Why the double standard here?

"Limited Liability, same reason no one goes to jail when the oil companies try to save a few pennies on piping, or when the banks steel millions."

Banks always do that. It's called a safe. It prevents burglars from taking said millions.

9
0
Anonymous Coward

T&Cs/EULA

However, it is generally the case that T&Cs cannot be used to negate legal rights!

9
0
Bronze badge

Re: Why the double standard here?

IANAL BIPOOTI, but intent. Admittedly intent also looks double-standardly if examined. Company putting code on your computer to harvest your private data: OK; you putting code on their computer to research their private data: crime. You accepted their software, albeit presented under pretences. They accepted your phishing email. Hmm, not much difference! Here the intent was to prevent misuse of the company's IP. But isn't there a caption for criminal negligence, reckless behaviour?

Too serious. Time for a singsong. After me, please:

"Fake fake fake

fake fake fake

fake BIPOOTI" (to the tune of "Shake Your Booty", for anyone under 50).

1
0
Silver badge
Childcatcher

Re: Why the double standard here?

The issue is that neither in Sony's case, nor here there was a prosecutor brave enough (and interested enough) to file charges.

Seems a class action lawyer could have a good time with this given there is an easily definable class and arguably malicious action which could lead to claims of all sorts of issues for Sony's paying customers.

1
0
Angel

Re: Why the double standard here?

Erm, in Sony's case they actually were sued. By, of all entities, the State of Texas. I mean, you really know you've truly fucked up when the State of Texas sues your corporate ass.

4
0
Unhappy

Re: T&Cs/EULA

"However, it is generally the case that T&Cs cannot be used to negate legal rights!" That might be the case where you are, but I am not at all sure it is true here in the US.

0
0
Anonymous Coward

Re: Why the double standard here?

somewhere deep in the T&Cs/EULA there will be a clause to the effect of "If you click the 'I agree' button this will give us the right to fuck with your gear at any level and in any way we see fit, because."

This company will be begging on its knees hoping that you forget that you cannot bind someone contractually to accept what is a criminal offence, because the "contracting party" as it were that you would have to deal with is the government, not the user.

You can't put in a contract "by playing this game you permit us to rob you blind and murder your first born" because both are classed as criminal offences.

The problem is thus not the contract, but law enforcement. No doubt the company is already busy hastily filling the coffers of relevant election campaigns to prevent any DAs from picking this up as something worth dragging through the courts. It can feel confident that it has at least some protection in that area, because the first DA to actually do the right thing would create a precedent that could harm a great many of these campaign contributions, for none of these companies would be able to cast the first stone. Yes, I'm a cynic, so sue me.

But by God, the industry needs a harsh kick up its collective rear ends for going back to respecting its customers, a kick harsh enough to resonate for a couple of years.

1
0
Anonymous Coward

The article fails to mention that after such update, the majority of PC players was unable to launch the game AT ALL.

4
0
(Written by Reg staff) Silver badge

Re: Anonymous coward

"the majority of PC players was unable to launch the game AT ALL"

Source?

C.

6
0
Silver badge

Re: Anonymous coward

"The article fails to mention that after such update, the majority of PC players was unable to launch the game AT ALL."

Grammar?

5
2

Re: Anonymous coward

Grammar. "Majority" is a singular noun, therefore "was" was correct.

7
7

Re: Anonymous coward

The majority is referring to which group of players was being discussed, the players being a plural therefore were is more correct.

10
2

Re: Anonymous coward

Incorrect.

(I take it you aren't a programmer? If you don't stick exactly to the language rules, stuff won't compile.)

2
2
Silver badge

Re: Anonymous coward

@diodesign there seems to be a problem with the Steam edition of the game

1
0
Silver badge

Bah!

Well, as long as it was for something important ...

5
0

Capcom

I don't remember buying any Capcom games in the past, and I don't believe I'll be buying any in the future.

19
2
Silver badge

Re: Capcom

They do the Resident Evil series, which I've been looking at getting legit versions of. Guess I won't be doing that now, and will seek them elsewhere.

2
1
Silver badge

Re: Capcom

RE: "and will [now] seek them elsewhere"

Yep. Why pay for your rootkit when you can get rootkit elsewhere for free.

10
0
Anonymous Coward

to uninstall...

Press: Down, UP, Left Shoulder Button, Right Shoulder button, A, B and Start... that should sort out the update... or give you 10 STAR TURBO speed, I can't remember which?

1
0

Re: to uninstall...

I thought that did a combo breaker?

(Oh sorry, that's the other other one.)

2
0
Silver badge
FAIL

History? Learn?

You know the rest... Apparently, they don't.

2
0
Silver badge
Alert

SMEP

Too late explaining the acronym in the next paragraph, I Googled it at the second mention thinking it wasn't going to get explained and got something completely different.

4
0

So that's M Bison's new power

Rootkit attack! Your PC is now working for Shadaloo!

3
0

Re: So that's M Bison's new power

Seems like something more at home in a Metal Gear game. When Psycho Mantis first read the contents of my PS1 memory card it blew my mind.

5
0
Silver badge
Pint

Door is securely locked. Jiggle handle to open.

"...an application simply has to pass control codes 0xAA012044 and 0xAA013044 to the IOCTL, and a pointer to some instructions, and the driver will then jump to that block of code with full kernel permissions."

Seriously?

I'm not saying that some (Microsoft in this case) coders are incompetent morons, but if they were....what would be different?

8
4
Silver badge

Re: Door is securely locked. Jiggle handle to open.

What's MS got to do with this?

2
5
Silver badge
Pint

Re: Door is securely locked. Jiggle handle to open.

Dan asked "What's MS got to do with this?"

It's a PC, presumably Windows.

So this OS security failure has nothing to do with the OS then?

OS can't accept any responsibility for such root kits?

Really?

8
4
Anonymous Coward

Re: Door is securely locked. Jiggle handle to open.

It's a CPU level security feature. It's Intel's and AMD's fault for allowing it to be disabled in the first place!!

No OS can be secure with such a gaping security hole in the hardware!!

Oh, wait. This can only happen if you install a malicious binary and click through the security dialogs? Maybe you should just not do that then...

3
1
Silver badge
Pint

Re: Door is securely locked. Jiggle handle to open.

AC "...you install a malicious binary..."

"You" who? You mean, like, manually? With bent paperclips and a battery? Or is the OS involved?

I don't think it's a tenable position to claim that the OS is blameless here. Especially one that claims to provide security.

Why would the OS even allow USER CODE access to the CPU's security feature? Clear MS FAIL. They'll probably patch it next month.

AC "...click through the security dialogs..."

Are you sure that there were explicit warnings from the OS about the root kit that came with this game? I'll betcha that there were not any such thing.

It seems that my point stands. Arguable, sure. But still clearly valid.

5
4
Silver badge
Pint

Re: Door is securely locked. Jiggle handle to open.

Me, "Clear MS FAIL. They'll probably patch it next month."

Same or very similar to this...

El Reg: "The MS16-098 patch, issued in August, fixes privilege escalation bugs in kernel-level drivers..."

4
1
Silver badge

Re: Door is securely locked. Jiggle handle to open.

It's not an escalation bug, it's done by design.

If someone installed some software on Linux which included a Linux kernel module which when called executed arbitrary code with kernel permissions, would that be Linux's fault or the software developer's? I'd say it's the second.

5
1
Anonymous Coward

What... nobody mentioned the NSA yet? Reg Commentards are getting slack these days.

6
0
Anonymous Coward

We are tired.

We are just waiting for the hammer to fall.

(Now the Obama administration is starting to look into Trumpic "Kremlin ties" ... I kid you not. Do they have anything to do? Except walk away from negotiation tables like butthurt chihuahuas? The priorities in this world are very clear. Very, very clear. Let fire from heaven take them all!)

0
7
Anonymous Coward

Sorry I'm late...

NSA-mandated backdoor, obviously.

1
0
Anonymous Coward

Re: We are tired.

Now the Obama administration is starting to look into Trumpic "Kremlin ties"

Well, that has taken them long enough. Anyone else publicly encouraging the Russians to break into ANY US entity's resources, let alone commit a clear hostile act by attacking government resources at that would have had a visit from people with a penchant for dark suits and sunglasses by now, but there appears to be an exemption for people with orange skin and weird hair (which, rumour has it, would include a large portion of Essex youth, but let's stay with the topic).

Do Presidential candidates get a free pass from criminal prosecution?

5
0

anti-crack solution (note: not DRM)

Uh-huh. Call it what you want, it's still malware.

10
0
Anonymous Coward

Re: anti-crack solution (note: not DRM)

Uh-huh. Call it what you want, it's still malware.

Yup. That implementation amounts to causing wilful damage to a computer. Well, OK, so does installing Windows, but that's generically a bad idea that is industry accepted, but making it worse has definitely a criminal aspect to it. What's more, they've just admitted so by stating they won't stop doing it, no, they will only change what they're doing which translates as making the backdoor harder to find.

1
1


Biting the hand that feeds IT © 1998–2017