Worried about Huawei? Take a closer look at Tencent (japantimes.co.jp)
150 points by Ultramanoid on March 29, 2019 | 89 comments


Tencent owns 40% of Epic Games, which develops the incredibly popular Fortnite Battle Royale computer game. Epic Games happens to also develop the influential tool Unreal Engine, which is used widely throughout industry to produce interactive 3D applications.

Fortnite BR, like other competitive online games, runs anti-cheat software in order to detect cheaters. Fortnite BR happens to use Easy Anti-Cheat and BattlEye [1] [2].

Anti-cheat software runs with very high privilege. More importantly, with many anti-cheat software, every session a new binary payload is downloaded directly from the internet.

Anti-cheat software seems like a great platform to launch targeted malware in order to achieve a beachhead on a computer network: highly targeted, and effectively undetectable.

I would expect most software developers don't sandbox their gaming machines from their work-from-home environments.

[1] https://www.reddit.com/r/FortNiteBR/comments/82xyhb/launch_e...

[2] https://www.thesun.co.uk/tech/7446514/fortnite-cheats-beware...


> Anti-cheat software seems like a great platform to launch targeted malware in order to achieve a beachhead on a computer network: highly targeted, and effectively undetectable.

> I would expect most software developers don't sandbox their gaming machines from their work-from-home environments.

I have been worried about this for some time. In my country we have a lot of issues with metadata retention so I set something up like this[0].

I have separate VLANs:

• VLAN 1: Management (no tag, null route)

• VLAN 2: Untrusted (routes direct to ISP via ppp0)

• VLAN 3: Trusted (routes direct to ISP via ppp0)

• VLAN 4: Trusted (routes via tun0 - VPN connection for private browsing etc)

• VLAN 5: Null route for devices that do not require internet access of any kind, desk phones printers etc.

(Doesn't have to be a Raspberry Pi; you can use anything that Alpine Linux runs on, which is x86_64, x86, ppc64le, s390x, armhf, aarch64 (ARM8 like Raspberry Pi 3), armv7 (Raspberry Pi 2, and friends).)[1]

[0] https://wiki.alpinelinux.org/wiki/Linux_Router_with_VPN_on_a...

[1] https://alpinelinux.org/downloads/

The idea is that anything on VLAN2 is completely segregated at the switch and router level from the rest of my network.


Upgrading to managed switches, I had thought about making a bunch of VLANs in a similar manner. But I ended up settling on something much simpler.

There are essentially just two segments / types of switch ports (I may have stuck with the many-vlans thing if switch ports had RGB LEDs showing what zone they were in...). First, the "trusted" network, which does switch management, servers, reasonably-behaved hosts, etc.

Then, a second "access" segment. Ports in this segment are set up to not be able to talk to one another through the switching fabric at all - the only thing they can talk to is the router. Ports on the same switch are prohibited from talking by the switch's config, and different switches are given different associated VLANs. This is good for visitors, Android, Internet of Trash, etc.

For routing, the horizon seen by each device is controlled directly by its own macaddr on the router itself. Two hosts on the same segment can see drastically different routing tables and Internet connections. This isn't perfect, as it can be easily spoofed unless I start pushing the switchport-mac mapping out to the switches. But it works for now.

But I believe "sandboxing" in the original comment was talking about the machine itself, not network access. So PC gaming means being disciplined about getting another machine, or at least a second GPU for PCIE passthrough in a VM. In general I think we're in a time of decommodification. The easiest way to sandbox between security boundaries is separate machines, of which there is an inexpensive surplus of. No need to have banking and games on the same tablet, when a second hand nexus7 (flo) is $40 on fleabay.


Carefully constructing a household network topology and being disciplined with separate physical machines appears to be a strong mitigation.

But will your colleagues who play competitive online games be willing to buy a separate machine used only for remote employment, and be willing (and able) to construct such a network topology correctly?

Most household routers don't even support VLANs.


> Then, a second "access" segment. Ports in this segment are set up to not be able to talk to one another through the switching fabric at all - the only thing they can talk to is the router. Ports on the same switch are prohibited from talking by the switch's config, and different switches are given different associated VLANs. This is good for visitors, Android, Internet of Trash, etc.

Yes essentially that's what VLAN 3 and 4 are (trusted). They are able to talk to each other but VLAN 2 (untrusted) cannot. VLAN 2 cannot access my server on the LAN or any other network resources, except in certain situations where I open a single HTTP port to a specific directory that is read/only. This is where guests would be. I use this to copy 'certain' files to my untrusted hosts. The exploitation surface area is extremely low. Switch configuration can only occur when on VLAN 1 (management). I also can control which VLAN people access via WiFi via my Unifi Controller. One SSID is a trusted network, the other is untrusted. I only use EAP so I can control exactly what users have access to what VLANs via FreeRadius. All of this is documented [0][1]

> For routing, the horizon seen by each device is controlled directly by its own macaddr on the router itself.

Remember MAC Addresses can be spoofed which means you can get things like VLAN hopping if you're not careful. My Windows machine where my gaming happens is "untrusted" and is in port 2 on the switch, my trusted machines are in port 3 and 4. My other family members also have certain devices they consider 'trusted' and those are in VLAN 3/4 while they have devices that are 'untrusted' in VLAN 2. It took some time to educate everyone, but I drew pictures, and explained it nicely. Unfortunately this is the world we currently live in.

I was concerned that an APT (advanced persistent threat) might have the time to monitor the system for idleness and then attempt such an activity. At least that is what I would do.

> But I believe "sandboxing" in the original comment was talking about the machine itself, not network access.

Well they are sort of the same thing in this situation because it's physical sandboxing.

> So PC gaming means being disciplined about getting another machine, or at least a second GPU for PCIE passthrough in a VM.

> In general I think we're in a time of decommodification. The easiest way to sandbox between security boundaries is separate machines, of which there is an inexpensive surplus of.

Exactly.

> No need to have banking and games on the same tablet, when a second hand nexus7 (flo) is $40 on fleabay.

This is exactly my point. In regard to my mobile phone I use a Redmi Note 5, with LineageOS, without Google Apps. If I tablet gamed I would have a 7" tablet specifically for that. I would tether it to my phone via WiFi AP and the CPU/GPU would probably be more powerful than you'd get in a phone anyway.

I only install things through F-Droid. I have made a significant attempt to de-google my life and have been successful.

Right now all I have on there is

• andOTP org.shadowice.flocke.andotp

• AnySoftKeyboard com.menny.android.anysoftkeyboard

• Barcode Scanner com.google.zxing.client.android

• BusyBox ru.meefik.busybox

• Call Recorder com.github.axet.callrecorder

• DAVx⁵ at.bitfire.davdroid - Used for syncing with my private Radicale instance.

• Draw com.simplemobiletools.draw.pro

• F-Droid org.fdroid.fdroid

• Fennec F-Droid org.mozilla.fennec_fdroid

• Flym net.frju.flym - RSS yay.

• Ghost Commander com.ghostsq.commander

• K-9 Mail com.fsck.k9

• Maps com.github.axet.maps - Provides a native experience for OSM maps. If I need Google Maps I just use a web browser.

• Markor net.gsantner.markor - Awesome text editor/markdown editor

• MuPDF viewer com.artifex.mupdf.viewer.app

• oandbackup dk.jens.backup

• OpenKeychain org.sufficientlysecure.keychain - PGP mail yes.

• OpenTasks org.dmfs.tasks - Used for syncing tasks with my private Radicale instance

• OpenVPN for Android de.blinkt.openvpn

• primitive ftpd org.primftpd - I upload/download via sftp to my phone without plugging it in with ssh keys (ie /sdcard/.ssh/authorized/keys)

  # {{ IP_OF_PHONE }} is a placeholder for the phone's address
  sftp_phone() { lftp sftp://user:DUMMY@{{ IP_OF_PHONE }} -e 'set sftp:connect-program "ssh -a -x -o KexAlgorithms=diffie-hellman-group-exchange-sha256 -o MACs=hmac-sha2-512,hmac-sha2-256 -i ~/.ssh/id_rsa"'; }

• RedReader org.quantumbadger.redreader

• Revolution IRC io.mrarm.irc - Yeah I still use IRC and not IRC bridges, yet with Riot because of https://github.com/vector-im/riot-web/issues/2320

• Riot.im im.vector.alpha

• Share to Clipboard com.tengu.sharetoclipboard

• Silence org.smssecure.smssecure

• VLC org.videolan.vlc

[0]: http://wiki.alpinelinux.org/wiki/Linux_Router_with_VPN_on_a_...

[1]: https://wiki.alpinelinux.org/wiki/Linux_Router_with_VPN_on_a...
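
The VLAN layout described in the two comments above, written as a default-deny forwarding policy for the router. This is an added example, not the commenter's configuration or the linked wiki's: the sub-interface names `eth0.2` to `eth0.5`, the server address `192.0.2.10`, its placement on VLAN 3 and port 80 are assumptions; `ppp0` and `tun0` are the uplinks named in the thread.

```nftables
#!/usr/sbin/nft -f
# Added example: inter-VLAN forwarding policy for the five-VLAN layout above.
# Assumptions (not from the thread): VLAN sub-interfaces eth0.2..eth0.5,
# file server at 192.0.2.10 (constructed address) on VLAN 3, HTTP on tcp/80.

# Create-then-delete so the file can be reloaded without touching other tables.
table inet vlan_policy
delete table inet vlan_policy

define UNTRUSTED   = "eth0.2"   # VLAN 2: untrusted hosts and guests
define TRUSTED_ISP = "eth0.3"   # VLAN 3: trusted, egress via ppp0
define TRUSTED_VPN = "eth0.4"   # VLAN 4: trusted, egress via tun0
define NO_INTERNET = "eth0.5"   # VLAN 5: desk phones, printers
define FILE_SERVER = 192.0.2.10

table inet vlan_policy {
    chain forward {
        # Default deny: anything not listed below is not routed between
        # segments. VLAN 1 (management) and VLAN 5 have no accept rule at all.
        type filter hook forward priority 0; policy drop;

        ct state invalid drop
        # Replies to connections that an accept rule below already allowed.
        ct state established,related accept

        # VLAN 3 and VLAN 4 may talk to each other.
        iifname { $TRUSTED_ISP, $TRUSTED_VPN } oifname { $TRUSTED_ISP, $TRUSTED_VPN } accept

        # VLAN 2 may open connections to one HTTP port on one server only.
        # Trusted hosts cannot be reached from VLAN 2 in any other way.
        iifname $UNTRUSTED oifname $TRUSTED_ISP ip daddr $FILE_SERVER tcp dport 80 accept

        # Internet egress. VLAN 4 is allowed out through tun0 only, so if the
        # tunnel is down its traffic is dropped instead of leaving via ppp0.
        # Steering VLAN 4 into tun0 is policy routing and is configured
        # separately; this rule only enforces the result.
        iifname { $UNTRUSTED, $TRUSTED_ISP } oifname "ppp0" accept
        iifname $TRUSTED_VPN oifname "tun0" accept

        # Rate-limited log of denied attempts from the segments that should
        # never reach the trusted ones; the chain policy then drops them.
        iifname { $UNTRUSTED, $NO_INTERNET } limit rate 10/minute log prefix "vlan-policy drop: "
    }
}
```

`nft -c -f <file>` parses the ruleset without loading it. The firewall only sees routed traffic, so the isolation still depends on the switch keeping each port in its own VLAN.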


To put it in terms of your network, I didn't want to deal with having to differentiate between VLAN3/VLAN4 switch ports (and wanted to leave room to grow multiple outgoing VPNs).

Also I don't see the need for hosts on VLAN2 to be able to talk to one another. Which enables me to default to putting decently trustable things in my access zone as well (like say an RPi running Raspbian/Kodi).

> Remember MAC Addresses can be spoofed which means you can get things like VLAN hopping if you're not careful

Oh for sure, which is why I alluded to eventually pushing out per-port mac address config to the switches. But my primary concern is browser/pocketsurveillance traffic not going out my ISP's IP, and this suffices for now.

(Thanks for the dump of Free android apps you find useful. Not really on topic for the thread, but I personally appreciate it)


40% ownership won't grant them the ability to abuse the anti-cheat software, unless I misunderstand how partial ownership works.


It's not like an additional 11% ownership and voting rights would prompt the board to pass a motion to begin using Fortnite to spy for China.

The benefit of partial ownership (or dual ownership) is that it opens up the network of internal employees and management to recruitment while also providing plausible cover as it is a branded and well-known "western" firm


They only need to get another 11% to vote with them (assuming they have 40% voting representation).

That's one or two other shareholders you need to bribe / convince. Not difficult, especially when the company you just invested in is learning what it's like to have Scrooge McDuck money and want more.


> They only need to get another 11% to vote with them (assuming they have 40% voting representation).

This depends a lot on who owns the other 60%. If it's one other party, the 40% effectively has no control. If it's a public company with a million other owners and they're the largest individual shareholder, many of the others won't even show up to vote their shares and their 40% of all shares will generally be >50% of the ones that show up to vote for anything.


It's a private firm, and the voting example I gave isn't really that good.

A more reasonable case is that they can heavily influence what contractors and 3rd parties are used for projects. Not something that needs a board vote, but something a 40% shareholder has a lot of say in.


I imagine they don't hold a vote on whether to put backdoors or not on a board meeting. So that raises the question. If not like that, then how does it actually happen?


You just go to the executives and point out that you own 40% of the ownership, and you'd really like them to hire these couple of guys and put them on this team, and then not ask too many questions about what they're doing, or you'll use your 40% ownership to make their lives more difficult, which at 40% can easily involve ousting them personally. (See other people's comments about the difficulty of getting enough voters to actually vote to prevent a 40% stake from being the vote winner.)

The literal thing I just said isn't even that unethical; suppose you own 100% of a company, then telling it to hire someone specific and pay them this much and put them here would be fully within your rights as owner. (There's probably a legal hurdle or two to clear, but AFAIK it's nothing that will actually stop you.) How that changes ethically as your ownership stake decreases I'll leave as an exercise for the reader. What's unethical is what they'll be doing when they get there, and who else is tainted ethically depends on how much they know and what they do about it.


The other examples are public companies. Epic Games isn’t. Something shady could still happen but there are only a few shareholders that control the vast majority of the company. I think a few other firms and the founder.


A bit too legion of Doom in retrospect.

But you would get to heavily influence what contractors and vendors the company works with are good vectors.

As well as partnership and integrations.


They don't need to do anything with shareholders to spy on anybody.

Heck, if China wants to spy on anybody, they don't even need to resort to technology to begin with... Unlike the PRC, USA is a more or less open society — want someone's secret? Just send your man there; Want to influence someone? Just ask......

I totally don't understand American concern with technology being used by espionage, while it lets this go.


You're thinking too small.

Yes, stealing individual secrets is best done with old school tradecraft. Spies in suits, photos of scandals with dominatrixes.

But what if you want to build a system which can identify homosexuals based on textual conversations? You buy Grindr.

Or what if you want to get a backdoor for future exploitation on almost every computer in the US? You buy Fortnite. Because one of those computers will belong to the child of someone important. It only takes one slip by them to get Stuxnet from their home PC to their work PC.

You mustn't be afraid to dream a little bigger darling.


You don't need to buy a company to use its systems in an attack. The odds of discovery and disclosure ahead of time increase massively if you go through a major company's decision making process as part of your hacking process. Companies are people. Lots of them. They are consequently not good at keeping secrets, particularly "I'm hacking the world for evil" secrets.


Ah yes, brave and valiant humans who took 12 years to blow the whistle on PRISM.

I shouldn't have mentioned attack vectors, the first case is the better opportunity these days. Data data data.


> Yes, stealing individual secrets is best done with old school tradecraft. Spies in suits, photos of scandals with dominatrixes.

Why would anybody need to do more than steal individual secrets they've been told to recon?


Because you can't build a homosexual scoring model for the social credit system by learning that one person is secretly gay.

You can build that model if you have access to the data of 20 million people.


Even easier / party not connected to the above hacks the anti-cheat software. No need to buy the company. Probably already has happened.


But also easy to revoke. If you own the code, you don't have to let anyone know what you're sneaking in.


If for example they also owned battlEye they would have a seat at the table to 'suggest' that was used for anti cheating.

No comment on the wider claims, but 40% does give them a tremendous amount of at least soft power.


Sure, but then the problem would be their ownership of the anti-cheat company, not of Epic. FWIW, BattlEye appears to be German and Easy Anti-Cheat Finnish (and bought by Epic).


That's not how covert operations works. More likely is just a series of subtle moves to get "trusted" assets into the right places, followed by coordination outside of corporate channels to implement the backdoor. You'd have trusted agents actually implementing and using the backdoor, and less trusted assets (ideally, to allay suspicion, people not of your nationality that you've leveraged via MICE or some other mechanism) to look the other way and generally act like useful idiots.


Not to mention that some games are translated for the Chinese/Asian market. Guess who will suggest a company for that? Then one could slowly make it so that the translation team needs more and more access rights to the deployment platform (or just stealing credentials is an option too - especially from the inside). All you need is to be able to insert a little script and be able to press the "deploy now" button. Hidden backdoors are so '90... Online games are perfect cybernukes.


They also own Riot Games, Grinding Gear Games and Supercell.


Sent me into a small panic there. But I remembered I've got work and play on separate OSes, on separate encrypted disks.


Still in the same system and network I assume. If you are an "irrelevant" target let's say, one where there are no stakes in getting to you, this is good enough. Otherwise it's a matter of getting into your UEFI or disk firmware (since both disks share the same system), or rest of the network (router, IoT crap, another system, etc.) and the fact that you have an encrypted disk won't matter that much.

It's about how important a target you are. You only have to make one mistake, and "they" only have to get it right once. There's no defense that you can put up against a team of dedicated hackers with nation state backing unless you are either not on their radar, or have nothing inherently hackable in your life.


A dedicated team? Of course not.

But it's still worthwhile to protect oneself from being an easy target for a system which just scoops anything interesting off the disk it's installed on.


I dual boot Windows and Linux, work is always done on Linux with FDE and I never access files on one from the other, but it's a threat model I never considered. Fortnite is installed because the boy plays it a lot when I'm not using the gaming/dev PC.


Until some anti-malware outfit figures it out, then they're in some very hot water.


I think the concept that Tencent is asking Epic to infect your computer with malware is a ridiculous conspiracy theory.

I work for a western studio for which Tencent is a majority shareholder, and I can tell you, Tencent hasn't even hinted at wanting any of our data, let alone harvesting more.

As far as I can tell, their motives are simple and capitalistic. Somewhat ironically, it was all the western potential acquiring companies that had agendas that were very ethically distasteful to us.

Tencent certainly complies with Chinese laws in China, but can you blame it? Wouldn't you comply with the law of your country?


What makes you think something like this would be announced on company wide email?

One or two guys working on cheat detection might know something, or most likely are just told to ignore whatever they see.


Like Google's Dragonfly. Or AT&T letting the NSA splice intercepts in the main fiber room.

Ntk only.


Intelligence services play the long game. Gradually exert pressure, put friendly management in place, move supporting services to Chinese data centers, etc. Maybe it takes 10 years. They aren’t in any rush.


Click on his profile. He's the CTO of the company.


Even if you're the CTO of a US company that's being infiltrated by a foreign intelligence agency, there are only three possibilities:

* You are a foreign intelligence asset and any denials on your part are lies.

* You are not a foreign intelligence asset, but you know that strange things are afoot and have informed the FBI. In order to not jeopardize the counterintelligence investigation, you have been instructed to play dumb, and hence, any denials on your part are lies.

* You are not a foreign intelligence asset and you have not noticed the infiltration. In this situation, you're not lying when you deny that anything's going on, you're just ignorant.

Of course, if your company isn't being infiltrated by foreign intelligence, you will also, correctly, deny that the company is being infiltrated. I'm not saying that his company is being infiltrated or compromised; I'm saying that there's virtually zero informational value in someone in his position denying such a thing because no one would ever admit it.


> Tencent certainly complies with Chinese laws in China, but can you blame it? Wouldn't you comply with the law of your country?

Since you've put yourself out here as CTO of a Tencent owned company... I've heard that in China, Fortnite requires a Chinese "real ID" to play. Aka China knows exactly who you are at all times.

They also "punish" you for playing more than 3 hours at a time if you're under 18.

And I can't prove, but assume they also record all conversations (otherwise... What is point of using real id??)

This doesn't sound like something Epic games would want to be associated with if Tencent wasn't a major shareholder. Are you saying you've had no pressure at all to implement similar features and make your games "more friendly to the Chinese market"?

To me it feels just like China buying up slivers of hollywood so nothing critical of the regime makes the big screen


The question is if this Chinese ID is a requirement from the gov to enter the market... how many corporations would refuse (EA for example)? Especially with Fortnite, which is sure to be super profitable.

I am not saying Epic/Tencent is good or anything, just that you don't need to be partially owned by a Chinese company for this to happen. It is a financial capitalist decision. Similar to why other companies want to enter the China market.

It would be more suspicious if Epic was doing it even when Fortnite wouldn't be profitable in China.


Since you mention EA, it appears that they partner with Tencent Games for the FIFA franchise: https://eafifa.qq.com/


> I work for a western studio for which Tencent is a majority shareholder, and I can tell you, Tencent hasn't even hinted at wanting any of our data, let alone harvesting more.

How would you know if they did? Most employees have zero interactions with their employer's investors.


Because I am the CTO of the company, and because the only interaction Tencent has with our company is during its board meetings, which I am also a member of.


The only interaction you know about.

I was working for a telco hardware and software manufacturer and I remember when about 15 years ago, I was the QA who was sent to China with an engineer to implement "a feature" onsite (yes it was a backdoor). Everybody in my team could guess why we were sent there. Also worked at a cinema control software company and we had to implement the same feature.

So yeah, it only takes one engineer to implement a feature. (or a bug)


> Everybody in my team could guess

So pretty widely known.


Yeah, because we did not give a shit about the NDA we had to sign.


And your CTO didn't know about your trip abroad? Seems highly unlikely.


The CTO of the company probably was not even aware that we were working for the company.


And you could have mentioned that fact in your original post. This just reads like you baited someone into what was a reasonable response. I'm not sure why that'd be necessary so maybe it was entirely unintentional on your part.


Nice comeback :)

The person who asked should have looked at your profile.


Congrats on the recent PS4 release! I’ve been a fan of PoE since closed beta.


It has only been less than a year since then though...

Also hello from NZ :)


Awww, right in his face, that's cruial!


> all the western potential acquiring companies that had agendas that were very ethically distasteful to us.

Interesting, can you elaborate?


I don't want to give examples of specific companies for what I hope are obvious reasons.

But in basically all cases western companies were much more interested in buying us for our users, which they could then subject to whatever their business model is. Selling ads, selling subscriptions, selling data, whatever.

Our company's profit was actually a negative to these western companies since it simply increases the price that they would have to pay to get at the users.


If the country's law is aimed to achieve 100% surveillance and zero privacy, yes, you can blame it.


Yes, there is a difference between giving all your information by your own free will and the state spying on everything you do.

On the other hand, how many know how much Facebook and Google collect about you and where that information ends up some time later? There was a lot of scifi about the information society and how that could derail in the future, where machines decide if you might commit a crime in the future and take preventative measures. We are not far away from it now, just takes a few small jumps in the imagination to end up there :-)


> There was a lot of scifi about the information society

More importantly, there is a lot of literature about totalitarianism.


The way security and surveillance is developing globally is incredibly worrying.

Security establishments are treating domestic companies, infrastructure, data hosting and anything else they can as vectors for intelligence. Legislators are supporting them. No one is taking the higher ground because they're doing it too.

Meanwhile, the meatiest cash cows in tech are advertising businesses, and the technologies that make their money are ad-tech, which at this point is extremely adjacent to spy-tech. Facebook's ad-tech, for example, would be very good at narrowing down a list of people likely to go on Hajj... I'm sure tencent's is too.

China is more open/public/brazen about their domestic activities (we noticed that your friend went to Mecca) where the US is cagey about domestic operations (eg Snowden). They're more discreet about foreign surveillance, where the US is a little more public. Both are doing both. So are dozens of nations and probably few non state players.

Now we seem to have an arms race, with spooks publicly "outing" rivals and simultaneously demanding (publicly and privately) legislatures and companies improve their access.

At best, we get technology and digital culture balkanization. At worst, we get Stasi-on-steroids.

There doesn't seem to be any meaningful political force pushing in the freedom direction.


The political forces that do exist get actively ignored. People are just happy as it is, getting everything for free and/or conveniently. And "As long as you don't have anything to hide..." is the mantra of today.

The thing is, we don't know what we need to hide tomorrow.


> The thing is, we don't know what we need to hide tomorrow.

Or what others, such as journalists and whistle-blowers, need to hide today.


I think a political force that gets ignored is a contradiction in terms.


> The way security and surveillance is developing globally is incredibly worrying.

It's always been that way. We're just more aware of it lately.


Maybe, but that doesn't mean that the current situation doesn't warrant special attention given the granularity at which surveillance data can be collected, the scale at which it can be aggregated and mined, and the intelligence with which it can be used to compute analytics is unprecedented?


It really is concerning. China, USA, England, Russia, etc. - many governments overstepping in addition to 8 or 10 very powerful tech companies.

I just can’t help comparing this with William Gibson novels when I imagine the future: not all bad, society will go through interesting transformations, some will be good. But still worthy of concern.


> Security establishments are treating domestic companies, infrastructure, data hosting and anything else they can as vectors for intelligence. Legislators are supporting them. No one is taking the higher ground because they're doing it too.

When, in all of human history, has this ever not been the case?


In my opinion the sad reality is that societies mostly advance by sticking their finger in their fire.

- If not for nukes we'd still be going full-on against each other in war.

- If not for Hitler, we'd probably still be engaged in top-down government driven eugenics. Something many do not know is that US "progress" on this topic was an early inspiration for Hitler.

And here too the solution will likely be letting things reach their natural climax. It's not difficult to imagine a practically infinite number of extreme scenarios when you have centralized authorities with effectively unlimited informational access on their population and perceived 'enemies' - foreign and domestic. One of these scenarios will eventually play out, at which point this dystopic nonsense can hopefully go the way of government driven eugenics as people realize what this can, and inevitably will, culminate in.

Oh no no, governments will only involuntarily sterilize the [not me] people. Oh no no, governments will only use mountains of personal and private information to exploit [not me] people.


I'm really torn between two thoughts.

Of course this kind of censorship shouldn't happen. What they are doing is wrong and I find it mostly just sad that the Chinese government can't function without such a degree of censorship.

On the other side though, people are being warned again and again about centralized platforms, and they never cared one bit. Even with China as a perfect example of how terribly that can go wrong, people just won't believe that maybe, just maybe, they shouldn't be relying 100% on centralized messaging and social media platforms.

We can't change the Chinese government; nobody can. It's a political monolith built from the ground up to maintain its own stability above all else. What we can do, however, is the way we think about software; not as something that just seems to grow on trees on its own, but tools that can and will be used for political purposes whenever possible.


> We can't change the Chinese government; nobody can. It's a political monolith built from the ground up to maintain its own stability above all else.

People once thought the same thing about Soviet Russia, and they were wrong. The Chinese government can be changed, it's just that none of the actions "we" can do to help with that have any clear path to quick success. I think it'll be more an exercise of doing what one can (like refusing to cooperate with censorship, trying to subvert it, amplifying dissidents, etc.) and waiting.

Just to clarify, I'm taking "we" to mean all of us opposed to authoritarianism, across all national boundaries.


That's foolish to believe that.

Soviet Russia in the 80s was falling apart after economic stagnation, then the perestroika and glasnost would make it open to criticize communism itself, even some events like Chernobyl contributed to some extent.

You wouldn't have even dreamed to make Soviet Russia regime fall with "social pressure" under Stalin.

China is not regressing nor stagnating, it's peaking. You can't take it out from the inside so easily.


I am wondering how popular WeChat and QQ are outside of China. The most worrying news for me is Tencent's investment in Reddit.


> Although WeChat’s primary user base is in China, an estimated 100 to 200 million people outside the country use the messaging service. Among them are millions of members of the Chinese diaspora in countries like Canada, Australia and the United States, but there is also broader expansion in much of Asia. Malaysia is reportedly home to 20 million WeChat users, out of a population of 31 million. In Thailand, an estimated 17 percent of the population has a WeChat account. In Mongolia, WeChat was the second most downloaded application in 2017. Merchants in Myanmar’s Shan state along the border with China have taken up the app and the number of retailers in Japan that accept WePay (mostly when serving Chinese tourists) increased 35-fold last year. Tencent recently purchased a $150 million stake in the news aggregator Reddit and is eyeing an entrance into the online video market in Taiwan, according to Taiwanese officials.

Edit: Also, remarkably, there's this: ...once an account is registered with a Chinese phone number, it remains subject to Chinese controls even outside the country.

And the article gives some examples about it and how the control is not limited to within China itself.


I've said it before, and I'll say it again: If the PRC can't control individuals, it controls the platforms, either directly or through proxies. It started with mass media (https://freedomhouse.org/blog/media-control-china-model-comp...), social media, the Internet (https://www.bloomberg.com/quicktake/great-firewall-of-china), and telecommunications in the PRC, expanded to "overseas Chinese" communities in Southeast Asia, Australia, and North America (https://www.rfa.org/english/news/china/monitoring-0327201811...), global tech companies (https://money.cnn.com/2018/04/05/news/economy/china-foreign-...), and now global social media communities (https://mashable.com/2016/11/22/facebook-censor-china/#PGexF... and https://news.ycombinator.com/item?id=19121882).


It seems like every week brings an ever-quickening deluge of this kind of information, whether about some surveillance corporation lying to / exploiting its users or an oppressive government edging ever closer toward a full-on 1984 nightmare scenario (some are just about there).

At this point the decision tree facing privacy activists, those concerned with human rights, and those who support the expansion of western moral aspirations is unambiguous.

Do you dislike Google fucking up the internet and assisting with totalitarian censorship regimes? Stop using their services. Stop letting them pay you to improve their services. If you're good enough to work at Google, you're uniquely positioned to get another high-paying job somewhere else. Same with the other big offenders.

Do you dislike Facebook's scummy behavior on everything from censorship, to digital stalking of non-users, to psychological experimentation with unwitting human subjects? Stop adding fuel to the fire. Quit. Today. Now.

Are you uncomfortable with China's aggressive censorship, human rights abuses, and surveillance? Stop buying shit from them. Stop using their software. Nine times out of ten you don't need it.

Exceptions arise, and no one's behavior is perfect. But the 1/10 case where you absolutely MUST use a certain surveillance app or buy a certain widget made by slaves in another country is not an excuse for throwing your hands up and capitulating in the other nine cases you encounter every day.


Both Telco equipment and social chat backdoors or interception are possible, but:

Reach of Huawei (or other manufacturer) potential backdoor is bigger and more business focused than social media and games.

So the risk is still great to economy with Telco compromise, but the social and political risk is probably equal or comparable with social media.

A bit comparing apples and oranges still, but interesting anyway.


Let's not forget Tencent also owns ~40% of Epic Games.

All of those sweet Fortnite hours-played are going to do well for your social credit score.


> All of those sweet Fortnite hours-played are going to do well for your social credit score.

On the contrary, Chinese regulators have been forcing gaming companies - including Tencent - to impose playtime limits.


Same result though right? The government decides how much gaming you can do.

EDIT: Just to be clear, my original comment was sarcastic; gaming is bad for your social credit score under the new system. Just in case you thought I actually meant good.


> gaming is bad for your social credit score under the new system

No it isn't. The idea is popular, probably because it plays into the simple narrative of a totalitarian government doing a single big thing to control everything at once. But the "social credit system" essentially amounts to separate government departments trying to coordinate their actions. Here's the best-informed article I've read so far on the topic: https://foreignpolicy.com/2018/11/16/chinas-orwellian-social...


Thanks for the link.

Although this may be the case now, we can't just dismiss the fact that any government or service provider can (and will) continue to develop these systems and in the future control and deny more rights and access to services based on people's lifestyles.

As the NHS struggles more in the UK, I can imagine a future where your lifestyle habits, bought from banks and retailers are used to decide on your entitlement to care.

Insurance companies already use profiling, employers have been guilty of it, even countries using your social media to make decisions on entry.

These things will continue to be eroded, and if we just simply dismiss it, because a statement is too "matter of fact" like mine was, we're in danger of losing sight of the fact that this is happening everywhere, it just doesn't necessarily have a nice marketing name yet.


I was surprised to see them recruiting at Defcon.


Weird “whataboutism” - social media you opt into vs telco network hardware you’d have (presumably) no choice with. Don’t get me wrong - they’re both bad but one is a distinct level up.


I'd say it's the other way around. You can avoid Huawei devices because it's easy to say "this brand is bad."

But the average consumer doesn't know what software Tencent has ties to. You think you're getting North Carolina's Epic Games, but you're also getting Shenzhen's Tencent.


> You can avoid Huawei devices because it's easy to say "this brand is bad."

You know for a fact not a single packet any of your devices have sent or received have traversed a Huawei device?


I think this is a great example of an equivocation that often gets made. A security risk that a company might be able to reliably implement on a large scale, vs. a technical security risk that might only be true in a research lab.

i.e., a single packet going through a Huawei device doesn't pose me any threat. Not really. If I signed up for a Tencent service, though, quite a bit of my information would be voluntarily handed to the Chinese government.

(and to be clear, there is a real risk to Huawei infrastructure, but it's not the rare possibility that I may never be able to avoid it as I sometimes use the internet.)


"A security risk that a company might be able to reliably implement on a large scale, vs. a technical security risk that might only be true in a research lab."

Man can make it, man can break it. One of the most valuable lessons taught to me during my times at Solectron Global.

You think you're secure in any way? No. The absolute nature of computer science makes 'security' a laughable goal.

See: Ghidra. I've already used it to pull out several 0-days from Windows 7 and 8+ (including 10 since it is based on 8.)

Your train of thought is good, but doesn't hold up to actual reality.

And while you think those packets hold no threat to you, try going overseas if you've said anything bad (I had to deal with this in Thailand after criticizing the King while living in the USA.)

Don't be naive - watch what these people in charge are doing.


I don't. But I did make a conscious decision recently to not buy a phone from them.


It's not just their phones, sadly, they're quite a popular supplier of backend telco equipment. e.g., in the UK,

> BT has announced it is in the process of removing Huawei's equipment from the core of its existing 3G and 4G mobile operations



