Jump to content
Awoo.

EA's Origin service has a bug that lets people hijack your PC


Badnik Mechanic

Recommended Posts

The ride never ends...

 

It would appear that Origin has a major security flaw in it which means someone can hijack any PC that is using Origin.

 

Last Friday the Black Hat security conference in Amsterdam demonstrated the flaw and how it can be used to attack a PC. The attack works by manipulating the uniform resorce identifiers that EA uses to automatically start games on a users PC.

 

By exploiting flaws in both the PC and MAC version of Origin, the attacker can effectively turn the users Origin into an attack platform which is capable to install malware and various other nasty things on a users machine.

 

You want to know why this is even more outrageous? Because the exact same exploit was posted about Steam in October of last year, no really, it's almost the exact same method, EA just didn't bother to check if the flaw was in their system, which it turns out it is.

 

I've not posted the video showing this attack for obvious reasons, but it literally takes several seconds to do and the unsuspecting user doesn't even have to do anything on their end, the attack can be happening whilst they're online and they wouldn't notice.

 

Source: http://arstechnica.com/security/2013/03/bug-on-eas-origin-game-platform-allows-attackers-to-hijack-player-pcs/

 

Link to comment
Share on other sites

ITT: EA is literally hitler

 

Do you guys also hate Steam? It has the same flaw.


Firefox Fix: http://www.reddit.com/r/Games/comments/11kib1/steam_security_issue_crosspost_rgaming/c6nepgq

Chrome Fix: http://www.reddit.com/r/Games/comments/11kib1/steam_security_issue_crosspost_rgaming/c6ngatw

 

According to the comments, the fix for Steam should work for Origin.

  • Thumbs Up 1
Link to comment
Share on other sites

ITT: EA is literally hitler

 

Do you guys also hate Steam? It has the same flaw.

Firefox Fix: http://www.reddit.com/r/Games/comments/11kib1/steam_security_issue_crosspost_rgaming/c6nepgq

Chrome Fix: http://www.reddit.com/r/Games/comments/11kib1/steam_security_issue_crosspost_rgaming/c6ngatw

 

According to the comments, the fix for Steam should work for Origin.

 

Yeah thats why I said it's the same flaw in the opening post.

 

Which also just goes to show just how bloody stupid EA are.

 

"Hmmm ok, we have an online service similar to Steam that works in almost the same way ours does... it's just got a major security flaw which has been well publicised... hey do you think we should test ours to see if it has the same issue?"

 

"Nah.... I'm sure it's fine"

Link to comment
Share on other sites

EA Simcity and now this. Ha ha ha, oh wow! It's like the gaming powers that be decided to heed the cries of gamers everywhere and decided that 2013 would be the year to punish EA and expose all of their tomfoolery!

Link to comment
Share on other sites

You know, at first I thought people hated on EA because it's the cool thing to do. But the more I look at it, these guys don't deserve a second chance; they've been given way too many as is.

 

Seriously, this is just ridiculous. They could have easily checked for this, as would have been wise, but they didn't. With how readily available information is this day and age, there's no excuse.

 

EA just strikes me as the dangers of a monopoly in this day and age. They've no real competition due to the brand names they own and thus have no incentive to improve. They're not constantly on the verge of bankruptcy, so feel no need to improve. Normally such widespread corporate laziness and dishonesty would be punished with crushed sales, but everyone keeps licking up whatever they churn out.

Link to comment
Share on other sites

Why shouldn't they be given a second chance?

 

The CEO was fired and they're trying to fix the mess they started. They're giving away a free game if you bought Sim City and they're also doing a massive "Player Appreciation" sale on their website. I hope the "LEL EA IS LITERALLY HITLER XD" bandwagon stops after EA turns around. I've heard ridiculous comments on several websites.

 

EA isn't stupid either about their stocks. They ARE being hit hard so that is why they want to improve.

 

ERTS_2.jpg.jpg

 

Stock seems like it is going to recover slowly after a restoration of faith in EA.

 

https://www.google.com/finance?q=NASDAQ:EA

Link to comment
Share on other sites

Why shouldn't they be given a second chance?

 

The CEO was fired and they're trying to fix the mess they started. They're giving away a free game if you bought Sim City and they're also doing a massive "Player Appreciation" sale on their website. I hope the "LEL EA IS LITERALLY HITLER XD" bandwagon stops after EA turns around. I've heard ridiculous comments on several websites.

 

EA isn't stupid either about their stocks. They ARE being hit hard so that is why they want to improve.

 

I used to be optimistic about them too, but with all these recent announcements of how many lies they've been feeding the public, I'm not inclined to think they'll change unless everyone at the top is sacked. Unfortunately companies trend towards oligarchies as the people who end up on the board either own a ton of stock themselves or are in the pockets of a few big investors. Change is very difficult accordingly, but I think the financial motive will hopefully shake things up.

 

I used to think it was all bandwagoning, but all the damage they do to honest customers to try and prevent piracy, the lies about the servers, the lies about how hard it would be to play it offline, the outright laziness with this bug right here, is all making me consider. This isn't even touching on what they do to every great franchise they get their grubby paws on.

 

Now, as a person who comes from a fandom that regularly gets hated on even after its turnaround, I can be understanding. But until EA changes its act, I'm going to continue viewing them with disdain. The ball's in their court; if they show themselves to be a responsible, honest corporation that isn't obsessed with squeezing the fans for money, I will absolve them of their sins. Until then...

  • Thumbs Up 1
Link to comment
Share on other sites

and they're also doing a massive "Player Appreciation" sale on their website. I hope the "LEL EA IS LITERALLY HITLER XD" bandwagon stops after EA turns around. I've heard ridiculous comments on several websites.

 

 

Nobody in this topic or in the other EA disaster topics has said EA is literally hitler so I don't really get what point your trying to win with that one.

 

As for this 'appreciation sale' depending where you live seems to depend on how much EA appreciates you. In some places EA appreciates you 20% less than others.

 

EA isn't stupid either about their stocks. They ARE being hit hard so that is why they want to improve.

 

Meanwhile, in the Battlefield 4 website source code

 

otheGJb.jpg

 

SLQJc.gif

 

EA Challenge Everything, Bribe the rest.

  • Thumbs Up 6
Link to comment
Share on other sites

Nobody in this topic or in the other EA disaster topics has said EA is literally hitler so I don't really get what point your trying to win with that one.

I'm not sure if you browse other websites, but it's an exaggerated expression. I've seen lots of people bag on for EA for a while which became a running gag on websites like Reddit. People would try to pick at EA for the dumbest reasons just because... EA. It's funny because some of their practices are the same as other companies but since it's EA, may as well bag on them.

 

As for this 'appreciation sale' depending where you live seems to depend on how much EA appreciates you. In some places EA appreciates you 20% less than others.

Aw! That stinks that the sales aren't global. Oh well, I got back happiness from them with the amount of money I saved. Hell of a deal to save $60.

About the source code

While it could be something shady, it isn't necessarily. EA may have had a press event already, with coverage embargoed, and may have had a peek at IGN's preview in advance. That itself might be a bit shady - showing a preview to the publisher pre-publication - but if the preview was otherwise an honest piece with no interference it wouldn't be THAT shady. However, on the other end of the scale it could also be a bad case of full-blown PR-orchestrated journalism/marketing deal. Just not necessarily :P

This crossed my mind first. But yeah, paid marketing isn't really anything new. Don't tons of companies partake in this shady scheme?

Link to comment
Share on other sites

So what is that, basically? It's putting an ad for IGN on the website or something...?

 

It is genius bribery; it'll send lots of traffic to IGN and that'll give IGN tons of ad revenue. As such, IGN's critics are sure to find their palms greased a bit...

 

The more I hear about EA's practices the more I hate them. I used to think it was bandwagoning but the more I look at it...

Link to comment
Share on other sites

The more I hear about EA's practices the more I hate them. I used to think it was bandwagoning but the more I look at it...

It's not that EA is perfect, it's that people have been exaggerating the "evils" about them.

 

Like I pointed out earlier, people will jump at anything EA does even if it's pretty stupid. Kotaku had an article on how EA was being "evil" by having an advertisement that jokingly said to raise the speed limit because Americans have the "Need for Speed." Honestly?

 

Reddit also had a similar situation with EA along with Apple. Maybe it's because I'm used to a ton of blind hate on Reddit, but that is what killed the whole EA hate thing for me. I know they do bad practices, but the exaggerations has simply made me think twice.

 

LOL EA RUNNING FOR WORST COMPANY IN AMERICA AGAIN

 

Just to make it clear - I do not think that EA doesn't participate in bad practices. I just find some of the mob mentality on the internet to be annoying. Reminds me of the whole Apple hate too while blindly defending the same practices from other companies such as Google. Or people defending Valve since they're "God Tier" while whining at other companies. Double standards?

 

Edit: To further reiterate my point, I'm going to take the top comment from Reddit's post.

 

You have banks on there that are illegally foreclosing on people's homes and trapping people in mountains of free and easy credit card debt and you're fucking worried about the Mass Effect ending and the Sim City servers? Really internet?

Edited by Autosaver
  • Thumbs Up 1
Link to comment
Share on other sites

Oh trust me, as soon as I hear about some other company doing this stuff I'll be on their case too. It's just we can pretty much prove EA's crap at this point with all these lies and instances of underhanded business practices on their part, so they're getting the most criticism. Other companies are probably wiser about it; it makes for bad PR. This is why I think the anti-used games chip won't come to pass; we've seen how vicious the gaming community's become over SimCity's required connection feature, so imagine the piranha pit gamers will turn into with that sort of nonsense (never mind all the countless throngs of people it'd put of out jobs).

 

On the other hand sometimes the hate seems irrational, such as towards Red Alert 3. To me it struck me like that was hated solely because EA was behind it rather than anything substantial. The game was fairly innovative by making nearly all units amphibious, and turning the craziness of RA2 up to eleven with anime empires, laser superweapons in Mt. Rushmore, and cannons that shoot people out of them to deploy them at a distance.

 

Of course, it's like paranoia: just because you think everyone's out to get you doesn't necessarily mean they aren't. Likewise, just because a lot of folks bash on EA doesn't mean there isn't some legitimate complaints about it... EA just gets the most flak because they're horrible at hiding this. It's very probable all the other gaming giants likewise do the same corrupt practices or wish to, but they're more cautious about it. You won't be able to sell anything if you peeve your consumer base off enough.

 

Basically, EA's suffering the backlash a politician would. When a politician says one thing and does something contrary to that, they suffer at the polls. EA's making all these claims about SimCity, but more and more evidence keeps turning up (from inside the company even) that it's a bunch of lies. If there's one thing practically no one can stand, it's a habitual liar. Practically everything in our world is built on trust and honor; what are you if you continually violate them?

Edited by Ogilvie Maurice
  • Thumbs Up 2
Link to comment
Share on other sites

Honestly, EA should of checked their crap when Steam had the same issue. This is poor QA on their part.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...

Important Information

You must read and accept our Terms of Use and Privacy Policy to continue using this website. We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.