Warden (software)

From Wikipedia, the free encyclopedia
Jump to: navigation, search

Warden (also known as Warden Client) is an anti-cheating tool integrated in many Blizzard Entertainment games. While the game is running, Warden uses operating system APIs to collect information about certain software running on the user's computer[citation needed] and sends it back to Blizzard servers as hash values to be compared to those of known cheating programs or simply as a yes/no response (whether a cheat was found).[1] Some privacy advocates consider the program to be spyware.[2]

Operating systems[edit]

Games that use Warden include Diablo II (since patch 1.11), StarCraft (since patch 1.15), StarCraft II: Wings of Liberty, Warcraft III (since 2009-04-14, patch 1.23), Diablo III, and World of Warcraft.

WoW can be run under Wine on Linux. Warden currently detects whether it is running under Wine so it can modify its behavior slightly, though it remains fully functional.[citation needed]

Detection methods[edit]

The things Warden currently looks for in-process includes but is not limited to:

  • Model edits.
  • Known cheat modules (DLLs)
  • Known modifications to game functions
  • Known cheating addons
  • Speedhacks
  • Known API hooks from cheats

The things Warden currently looks for out-of-process includes but is not limited to:

  • Known cheating drivers

Warden also has a protection module in it, which provides users security from malware, keyloggers, and rootkits which hide keyloggers. If Warden detects a known piece of malware active on the system, it will block the user from logging into the game, and will display a screen which directs them to Blizzard's support site for removal instructions.

On 23 June 2010 Blizzard updated the Warden Anti-Cheat Platform to version 2—named Warden 2.0—with World of Warcraft Patch 3.3.5.

Warden now scans Warcraft II and III game memory space only, with the exception of a few tools.


Alureon has also been known to crash Warden (and thereby crash World of Warcraft & Starcraft II's game clients), and began appearing in December 2010 with users being infected with the TDL1 (non-mbr version, which is fairly simple to remove). If Alureon causes Warden to crash the game client, it always crashes at specific memory addresses (depending on the version of Alureon on the system), making it simpler for Blizzard Technical Support personnel and forum regulars to diagnose Alureon as the cause of the crash, and inform the user as to removal instructions.

Privacy concerns[edit]

Legal actions have been taken up against Blizzard's RAM scanning, for privacy reasons, as far back as its first implementation—in the World of Warcraft alpha test, to watch if users were breaking their confidentiality contract. Within days of the beta test new lines were added to World of Warcraft's EULA.[citation needed]

The Electronic Frontier Foundation and other groups have labeled Warden as spyware.[3] Blizzard has said that Warden does not gather any personally identifiable information about players other than the account being used. It also states that the data collected is only used for finding evidence of malicious programs and cheating.[citation needed]

Moderation and chat bots[edit]

"Moderation bots" are third-party game clients written to monitor, administer, or moderate users and/or third-party clients in game chat channels. While they are not used for cheating, Warden still disables them. Blizzard's stance on moderation bots calls them "Third-Party Programs". Many clans on Battle.net use moderation bots to keep the clan "channel" open at all times, and to allow multiple users to moderate the channel.[citation needed]

"Chat bots" are third-party game clients that allow users to log into battle.net to chat with users or idle in the channel of their choosing. Warden disables chat bots for the same reason as moderation bots.

MDY Industries v. Blizzard Entertainment[edit]

Warden has been brought to light by Blizzard's lawsuit against MDY Industries, LLC., the creator of the gameplay automation software Glider (more popularly known as WoWGlider or MMOGlider). Blizzard has alleged in legal filings that Warden prevents players from creating unauthorized copies of the game client[citation needed], which was previously an unknown function. Blizzard makes no mention of its known function of collecting data on open programs. Furthermore, it is actually referred to as "Warden," the first time Blizzard has confirmed its name.[4]

Presiding Judge David Campbell ordered against MDY in July, carrying Blizzard’s infringement claims and that the third party program tortiously interfered with World of Warcraft's sales and impacted Blizzard's relationship in a negative fashion with their customers. The US district court awarded Blizzard $6.5 million in damages against MDY Industries, and have held its founder, Michael Donnelly, personally liable for the awarded money.

MDY appealed the ruling to the Ninth Circuit Court of Appeals,[5][6] which heard oral arguments on 7 June 2010.[7]

On 14 December 2010, the Ninth Circuit vacated the summary judgment with respect to the secondary infringement count and the DMCA circumvention count with respect to the static literal elements of content already present on the user's hard drive, but upheld the summary judgment on the DMCA circumvention count with respect to the dynamic nonliteral elements of content provided by the World of Warcraft servers. The summary judgment on the count of tortious contract interference was also vacated, but was remanded to the District Court for further consideration as a finder of fact.[8]

See also[edit]