back to article Flight Simulator's DRM fighter nosedives into Chrome's cache

A Chrome password dump tool found in the latest update from Microsoft's Flight Simulator Add-On wrangler, Flight Sim Labs, has virtual pilots up in arms. The download featured updates to the Airbus A320 model including improvements to the engine crank and flare mode logic and, er... a password harvester for Chrome. Noted in a …

Re: They are probably Android developers as well

It is concerning how much data apps can extract, either directly or as part of the analytics framework, without triggering a request for permission.

Don't use Android without xposed+xprivacy!

I don't suppose it is any different with ios though?

1
0

Oh and also not sending the passwords in encrypted format.. Bastards

https://www.fidusinfosec.com/fslabs-flight-simulation-labs-dropping-malware-to-combat-piracy/

An update from a pentest company that describes that the passwords are sent in plaintext to their heztner hosted server

10
0
Anonymous Coward

After this farce the last thing they'll be worrying about is piracy....

a) no one in their right mind will ever buy or install anything from them again

b) they may well end up in court.

9
0
Anonymous Coward

Actually the pirated version, assuming from a, ehem, reputable ripping group, is probably safer than the official version, as all the malware/DRM would have been removed or bypassed as part of their packaging.

10
0
Mushroom

Indeed

I have a pretty good Prepar3d based flight sim setup. It is rather helpful for my current level of flight training.

Now I have not, and as from now I never will, purchase a product from these clowns ever.

1
0
Silver badge
Facepalm

They'll get away with it...you wouldn't!

They can install what they like, capture they like, apologise and it's all good. If you did this, your feet wouldn't touch the ground before you'd be in front of the beak!

13
1
Silver badge

Re: They'll get away with it...you wouldn't!

@FuzzyWuzzys

No idea why you got downvoted, but you are spot on. If an individual does this to a company, if they get caught they go to court because a Police complaint is made and it's taken seriously. All it should take is one single complaint to the Police over this case and investigation should start. But you know it won't happen, If, and it's a big if, there is enough of an outcry, then maybe some government department might be persuaded to start some sort of weak investigation and wrists might be slapped, maybe a small fine.

10
0
Silver badge

Re: They'll get away with it...you wouldn't!

They can install what they like, capture they like, apologise and it's all good.

I would not be so sure. Depends who deals with this. If they pissed off a flight sim fan who happens to be a lawyer or work in CPS they may be up to a very unpleasant experience. Unfortunately as with many other things the only exemption to "we, in the UK, have one of the best legal system money can buy" is when you are dealing with members of said system.

2
0
Silver badge

Mind. Boggle.

1
0
Bronze badge
Alien

All your passwords

Are belong to us.

3
0
Silver badge

Blunt weapon

Of course the fact that they sniffed passwords from innocent people's PC's too is fine, sure they won't mind at all - because <insert bad phrase>

Its malware however you look at it. Trust is built up slowly but lost in an instant.

Does this affect those who play flight sim through Steam too ?

2
0
Anonymous Coward

Re: Blunt weapon

They did, as far as it has been described, not sniff passwords from all users.

Flight Simulator in itself was not affected. It was the installer of the FSLabs products, which are FS Addons.

1
0

Crucify them

Well that's about all I have to add really

1
0
Anonymous Coward

Has anyone reported them to the FAA?

0
0

Page:

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Forums

Biting the hand that feeds IT © 1998–2018