Can PG block Warden from reading open processes/IDs

Discussion in 'ProcessGuard' started by LEXavier, Feb 10, 2006.

Thread Status:
Not open for further replies.
  1. LEXavier

    LEXavier Registered Member

    Joined:
    Feb 10, 2006
    Posts:
    10
    Location:
    USA
    Sir/Ma'am,

    I work for the Department of Defense and do some unclassified work from home. I cannot have a program such as Warden, WoW's new spyware, reading what I may be doing in the background of them game. I need to have positive control of my work at all times regardless of it's classification.

    If you are not already versed with Warden, Greg Hoglund has a couple decent articles.

    ~Snip~ Links removed to conform with the TOS-ron

    I understand that at the moment, Warden supposedly does not transmit data, but with the EULA that could be changed at anytime.

    Security is number one.

    Thank you for your time.
     
    Last edited by a moderator: Feb 11, 2006
  2. Joliet Jake

    Joliet Jake Registered Member

    Joined:
    Mar 1, 2005
    Posts:
    911
    Location:
    Scotland
    Use your current PC for gaming and buy a cheap one for work.
     
  3. aka:snowman

    aka:snowman Former Poster

    Joined:
    May 14, 2004
    Posts:
    152
    LEXavier


    Frankly, your post alarms the hell out of me.....but does not at all surprise.......

    Its nearly insane that in this day and time that a person working for the
    Department of Defense would actually be working on government documents on a computer KNOWN TO BE INFESTED with gaming monitoringware .....WoW's Warden

    for $50 you could get another computer for the gaming.......come on Man...there are people dying in wars....thats nothing to play with......you just load even one infected document on your office computer an lord only knows what could result..........
     
  4. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,039
    Boy I couldn't agree with you more. Even if it is "unclassified" Scary that someone would have such bad judgement.
     
  5. Joliet Jake

    Joliet Jake Registered Member

    Joined:
    Mar 1, 2005
    Posts:
    911
    Location:
    Scotland
    Which is why I said what I did.
     
  6. LEXavier

    LEXavier Registered Member

    Joined:
    Feb 10, 2006
    Posts:
    10
    Location:
    USA
    I have considered it yes, but Warden is my ONLY concern. Suppose I do get another computer, that still doesn't stop Warden.

    I have a gaming laptop and a halfway decent home PC. I do not use the gaming laptop for business, but this summer I will need to. Again, no overly important documents will be worked on outside of a SIPRNET and on a computer DoD approved for such work. Everything is not classified and done over a NIPRNET.

    o_O ... and I just spent $3000 on a gaming laptop. Heh, where the hell can you get one for $50?


    So far, I have heard a lot of concern for the fact that I may be comprimising security, etc etc. This is not the case. I would do nothing to jeopardize my job or international security. Again everything I do is NIPRNET approved and any 733t h4x0r that gets ahold of the information will be laughed at for wasting his time.

    Let's put a new light on the situation:
    A general user does not like the idea of Warden looking at anything that is open or running. Will PG stop it from reading EVERYTHING that is open?
     
  7. WSFuser

    WSFuser Registered Member

    Joined:
    Oct 7, 2004
    Posts:
    10,632
    iirc using PG paid u can prevent an executable from having read priviledges.
     
  8. Joliet Jake

    Joliet Jake Registered Member

    Joined:
    Mar 1, 2005
    Posts:
    911
    Location:
    Scotland
    Yeah but Warden wont be on your work computer, the computer you do all your super secretive stuff.
    Warden will be on the computer you play games on so all you've gotta hide is your poor play;)
     
  9. LEXavier

    LEXavier Registered Member

    Joined:
    Feb 10, 2006
    Posts:
    10
    Location:
    USA
    ... and the computer I pay bills on, check my email on, etc.

    You miss the key point of my question and you keep going back to the govt deal- Will PG stop Warden?
     
  10. aka:snowman

    aka:snowman Former Poster

    Joined:
    May 14, 2004
    Posts:
    152
    LEXavier


    Obviously you either refuse to face reality, or simply don't care the risk you are placing innocent people in.

    So whats the price of one human life these days.....is it less than the cost of a computer.........an for $50 you could get an old computer and rebuild it to meet your needs.......is that to much work for you......even if it prevents a security breach on a government network............an what makes you think NIPRNET can"t be exploited.......if there are computers....there are exploits!!

    As a veteran I find your behavior and attitude less than desireable......experience and knowledgeable Posters are letting you know the RISK you are......an you ignor their wise advice.......for shame!

    No, there is no "new light" to shed on this subject......you have placed the armed forces in harms way so you can play a computer game............for shame...........for shame!!
     
  11. LEXavier

    LEXavier Registered Member

    Joined:
    Feb 10, 2006
    Posts:
    10
    Location:
    USA
    Please learn terminology before you flame me.

    A NIPRNET can easily be exploited. No one cares though because the information on there really DOESN'T need to be secure. None of the work I would be doing would need to be secure.

    I fully understand the risk of Warden seeing what I am doing, but I am a Combat Weather Forecaster. No 'hacker' is going to give a **** about normal weather in South Central United States. Any other type of work, ie weather for flights and actual combat weather would NOT be done from my computer. It would be done from a sealed vault, on base, in a SIPRNET environment.

    Your flames are "for shame" as you are ignorant to what I am saying.

    EDIT: If a hacker wants the weather he is better off going to weather.com - it would be faster.

    I am more concerned about MY private data because all I would doing at home is monitering weather and sending emails when needed.

    Check our squadrons website. It is public and there is NO secret data.
    https://26ows.barksdale.af.mil/index.cfm?fuseaction=main&userfunction=M&bandwidth=H&aor=1
     
    Last edited: Feb 10, 2006
  12. aka:snowman

    aka:snowman Former Poster

    Joined:
    May 14, 2004
    Posts:
    152
    LEXavier

    No one is Flaming you........you obviously don't know me....if I flame you will know it........

    Once an for all try to understand....its INFECTING A NETWORK THAT IS OF CONCERN.......no one cares what your work is or who you are......its infecting a government Network that Posters are concerned about.........no one wants to hear about how lowly your job is......infecting a Network is a very serious issue..............learn the terminology......been doing this for sixteen years.......an could tell you stories that would make you hide under your bed..................

    There is only one point here......its you placing others are risk!

    Now I wont waste any more time on this subject....
     
  13. LEXavier

    LEXavier Registered Member

    Joined:
    Feb 10, 2006
    Posts:
    10
    Location:
    USA
    This is not possible as there will be no connection between my personal computer and the network nor would such a thing be allowed.

    There will be no file transfers either.

    There will be me monitoring weather from the public website posted above.

    Now can we get back to the original question?
     
  14. LEXavier

    LEXavier Registered Member

    Joined:
    Feb 10, 2006
    Posts:
    10
    Location:
    USA
    Thank you. That is what I would assume as well. I just want to be sure.
     
  15. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,039
    Yes, but you have to be careful, as the game, warden, might not run if it doesn't have the privileges it wants.
     
  16. LEXavier

    LEXavier Registered Member

    Joined:
    Feb 10, 2006
    Posts:
    10
    Location:
    USA
    Thanks. I'm aware of that risk as well, but I am pretty sure all that is going on is a simple scan and it's looking for X results to come back. If no results come back then it may just decide it could not find what it was looking for.

    I take it that it is not possible to let it see maybe one or two things just to make it happy?

    Thank you for your time, sir.
     
  17. LEXavier

    LEXavier Registered Member

    Joined:
    Feb 10, 2006
    Posts:
    10
    Location:
    USA
    Any thoughts?

    Fri 10 - 12:55:18 [EXECUTION] "c:\program files\world of warcraft\launcher.exe" was allowed to run
    [EXECUTION] Started by "c:\windows\explorer.exe" [1364]
    [EXECUTION] Commandline - [ "c:\program files\world of warcraft\launcher.exe" ]
    Fri 10 - 12:55:21 [EXECUTION] "c:\program files\world of warcraft\wow.exe" was allowed to run
    [EXECUTION] Started by "c:\program files\world of warcraft\launcher.exe" [2784]
    [EXECUTION] Commandline - [ "c:\program files\world of warcraft\wow.exe" ]
    Fri 10 - 12:55:26 [GLOBAL HOOK] [4072] was blocked from creating a global Low Level Mouse hook

    Low Level Mouse hook? For what purpose?
     
  18. Joliet Jake

    Joliet Jake Registered Member

    Joined:
    Mar 1, 2005
    Posts:
    911
    Location:
    Scotland
    Again, the simple answer to your question is not software. Pay your bill on your 'work' pc, play your games on your 'games' pc. ;)
     
  19. Joliet Jake

    Joliet Jake Registered Member

    Joined:
    Mar 1, 2005
    Posts:
    911
    Location:
    Scotland
    You're obviously happy with being 'pretty sure' or you would take the following steps. Uninstall whatever installed warden or use another PC for things you don't want exposed.
     
  20. LEXavier

    LEXavier Registered Member

    Joined:
    Feb 10, 2006
    Posts:
    10
    Location:
    USA
    This forum is for ProcessGuard. I would like to utilize it.

    My 'games' pc is a AMD Athlon™ 64 X2 4200+ and 256MB NVidia® GeForce™ Go 7800 GTX with 2 gigs of RAM. It is a laptop so it WILL be my 'work' pc on the go.

    Warden is integrated into a game.

    No I am not.

    I would appreciate an answer from someone that understand how to use the program. Not someone that is going to give me a simple solution.

    EDIT: Please read the links posted in the original post so you actually know what Warden is/does.
     
  21. BlueZannetti

    BlueZannetti Administrator

    Joined:
    Oct 19, 2003
    Posts:
    6,590
    LEXavier,

    The links you mention were edited out since there is genuine malware available at that site in addition to some generically useful tools and analysis.

    You're quite correct, the discussion regarding your work situation and malware exposure is not germane to this discussion and you have adequately explained the situation. There's no need to cover this further, nor any need to other posters to dredge it up again, it is simply not germane to the question on the table.

    The potential privacy issues with an application such as Warden are obvious.

    Since Warden is supposedly used to prevent cheating while playing, I guess the key question is whether one incurs a situation similar to Punkbuster, see here, with respect to whether Warden contains active measures to assess if the user may be employing some means to get around the anti-cheat and handles this as equivalent to cheating - whether or not that is the case. Off-hand, I don't know if Warden works that way, but a quick read implies that could be the case. Net result, this may risk banning from the game servers. Don't know if this is the case, but that would be my primary concern using PG in this manner.

    Blue
     
  22. SpikeyB

    SpikeyB Registered Member

    Joined:
    Mar 20, 2005
    Posts:
    478
    PG will stop the reading of processes but only for processes that are on the Protection tab and which have protect from reading enabled.

    Even those protected processes can be read by other processes that are also on the protection tab and which have allow to read permission.
     
  23. kampsk

    kampsk Registered Member

    Joined:
    Sep 6, 2005
    Posts:
    33
    Yes you can probably stop warden with PG but as BlueZannetti mentioned trying to block warden could get you kicked off the game servers. Just a suggestion get a copy Virtual PC and do your sensitive work in it. when you are done just protect where you have saved any info from VPC shut it down and start gaming. Would be better if game and warden were in VPC but I do not know what the hit on game performance would be?
     
  24. Joliet Jake

    Joliet Jake Registered Member

    Joined:
    Mar 1, 2005
    Posts:
    911
    Location:
    Scotland
    PG can stop Warden, but what if warden, when they become aware of how PG is being used, comes out with a fix? Do you think they'll email you?
    You'll think you're safe.
     
  25. LEXavier

    LEXavier Registered Member

    Joined:
    Feb 10, 2006
    Posts:
    10
    Location:
    USA
    Much appreciated.

    Understood, I should have thought about that ahead of time.

    That should not be an issue as I won't be cheating. I understand it may get me a 72HR suspension for questionable activity, but that is fine. I will then have to reevaluate it's use.

    SpikeyB: Those instructions were great for someone that isn't as veteraned as most of the people here, thanks.

    I will look into this.
     
Thread Status:
Not open for further replies.