From my point of view the easiest way to detect honorbuddy is to look at the client's open network connections. Like a "netstat /a" under windows...(even with non-priv. user rights) So maybe your "a bit paranoid" online-auth.-system is a really bad idea?
Performing that action with the users expressed permission (no not in the TOS) and/or viewing that information would be highly illegal in just about every western country I'm aware off. Blizzard doing that would be no different to reading your medial records- in regards to legal point of view.. I'm from a Australia- and I can assure you that's illegal here. Furthermore- It doesn't prove someone is botting- It simply means that have an active session to that server- that server could be doing many different things... not just authenticating users.
I don't think so. It is just "meta-data"(IP/Port). And also scanning your RAM is much more "highly illegal" Also here in Germany, but in Blizzards "view" you are allowing this by "pushing Accept". Have you ever heard that blizzard has to prove something in that case? I've read of "false positives" after the ban-wave.
I Was just about to make a thread and ask if there is a way that they could see everyone who is connected to HB servers somehow and do the bans that way!! You READ my mind!
They don't need a reason, they could do like B3rlin3r said and if you actively logged into wow when they do it, you get suspended/banned. They don't have to give you a reason they just have to suspect with any proof they like. I think if they could not actually detect honorbuddy, this would be the best way for them to do the ban they are not instant so they are coming in intervals and they are not setting off the tripwire. The more i think about this the more, i think of all those times you try to log in from another location get your account locked. I think this would be super easy for them to do and very clever use of detection and cheap as well i imagine.
All blizzard has to do is change a few GUIDs for spells...then they can tell that your input is coming from a third party program and not their client.
can they reverse engineer HB? i bed their whole anti cheat department are bending rules left right and centre. and their official stance will be deny everything, even when caught deny it. it would be good if someone at blizz became a whistle blower
It is possible to reverse-engineer HB. The access may be streaming (log-in with key), but it isn't that hard to get past that... ask any hacker.
Lol, what a funny post. What do you think the HB team did in the first place to create the bot? Did the code they need to change magically appear to them without any reverse-engineering? If what Blizz is doing is highly illegal, imagine what illegal activities the HB team had to do to create the bot.
That applies to all law. You aren't breaking the law until you're caught. Doesn't matter where you are.
I'm sure they could just see if the port is in use without any legalities since they're not checking whats using it. (Assuming it's not randomly assigned.) Then just filter that with click to move and 32 bit. GMs could just flip through their filter and catch everyone XD
not so much click to move as... 15 ticks per second. I think the world record for clicks in a second is 8 still.
you guys act like wow and warden are mysterious programs that have magic running though them that know one knows what they do or how they do it. if what your saying was a factor we would be aware of it. just like when EVERYONE noticed when valve started. if it were happening it wouldnt be something people would take laying down.
Look apple jack we know its not some twilight sparkle shit happening at wow we are just trying to help figure out how princess luna banned everyone from ponyville.
More like we're trying to figure out how us changelings can blend in with the citizens of ponyville better.
LOL!? You only have to take consequences when you got caught. - Illegal is anything defined in the laws of your resident country.
My approach(look at the connections) was from a unix-sysop which is my job. No magic anywhere. I still think the idea of different identifiers (open connection to buddyauth.com(IP), 32bit and a few others) is quite a good approach when the official statement is "we have no idea, yet".
