PvP servers for Dark Souls series taken down following concerns over RCE exploit

ds333.png

All PvP servers for the Dark Souls games have been deactivated after Bandai Namco was made aware of a major exploit that can be performed. This was revealed by Twitch user The_Grim_Sleeper, as they were invaded by another player who then used a remote code execution exploit to open Narrator on the streamer's PC, using speech-to-text to read aloud a troll message. It looks like the "hacker" themselves was not a troll, though; according to The Verge, the person who pulled off the exploit was a concerned player who had discovered the RCE, and had attempted to contact the developers so they could fix it. However, they were reportedly ignored, so the person took to targetting a streamer so that news of the exploit would find its way to news outlets and social media after being showcased happening live.

Following the reports of the exploit and concerns from fans, the Twitter account for Dark Souls announced that the servers for Dark Souls: Prepare to Die, Remastered, 2, and 3 would all be taken down for a short time in order to investigate. This currently only affects the PC versions of the games, and servers for the console ports of the games are still online.

 

Zonark

Zonark - Noun - A God
Member
Joined
Jul 11, 2010
Messages
411
Trophies
1
XP
2,329
Country
United States
I agree fully I highly doubt it would just be narrator running is someone was really wanting to cause harm
 

diggeloid

Alex
Member
Joined
Apr 29, 2019
Messages
470
Trophies
0
Age
34
Location
gbatemp.net
XP
2,418
Country
United States
If anyone needed more proof that playing games on a work/personal PC with important stuff on it is a bad idea. Games are rarely written to be secure.

...although, if you're on Linux, you could throw all of your games into Docker/Podman containers and not worry about RCE exploits touching your system, and not lose any performance like you would with a VM.
 

AlexMCS

Human
Member
Joined
Jul 3, 2018
Messages
631
Trophies
0
Age
38
Location
Fortaleza
XP
2,898
Country
Brazil
If anyone needed more proof that playing games on a work/personal PC with important stuff on it is a bad idea. Games are rarely written to be secure.

...although, if you're on Linux, you could throw all of your games into Docker/Podman containers and not worry about RCE exploits touching your system, and not lose any performance like you would with a VM.

chroot jail would be enough on Linux

As for windows, running as an unprivileged user can solve security issues, if there isn't a privilege escalation exploit on the system as well.
 

N7Kopper

Lest we forget... what Nazi stood for.
Member
Joined
Aug 24, 2014
Messages
977
Trophies
0
Age
30
XP
1,301
Country
United Kingdom
chroot jail would be enough on Linux

As for windows, running as an unprivileged user can solve security issues, if there isn't a privilege escalation exploit on the system as well.
There's always a possibility of breaking through any software sandbox. Extra security layers are very helpful, but robust is not invincible. If you're THAT concerned, don't account on your gaming PC's network.
 

Tom Bombadildo

Dick, With Balls
Member
Joined
Jul 11, 2009
Messages
14,580
Trophies
2
Age
29
Location
I forgot
Website
POCKET.LIKEITS
XP
19,271
Country
United States
TBH I'm shocked they're bothering to do anything at all really, so good for them I guess. I don't expect they'll just shutdown the servers completely, they'll probably just actually implement an anti-cheat that should be able to detect shit like this and just kick players from sessions who are detected using cheats (ie like the Blue Sentinel mod for DS3).
 
  • Like
Reactions: Xzi

diggeloid

Alex
Member
Joined
Apr 29, 2019
Messages
470
Trophies
0
Age
34
Location
gbatemp.net
XP
2,418
Country
United States
chroot jail would be enough on Linux

As for windows, running as an unprivileged user can solve security issues, if there isn't a privilege escalation exploit on the system as well.
Nah, a simple chroot doesn't get you anywhere near the amount of security/isolation you'd get with something like Docker or Podman, which use kernel sandboxing features. Throw in some SELinux on top of it all, and you have some hardcore security.

As for Windows, an unprivileged process can still fuck your shit up. I haven't tried Windows 11, but I know that Win10 (and earlier) at least doesn't implement any kind of sandboxing. So a rogue process might not be able to delete your System32 folder, but it could definitely ransomware your files, steal your bitcoins, email your pron folder to grandma, etc.

On Windows the only reasonable thing to do is to not play games on a PC that has important stuff.
 

codezer0

Gaming keeps me sane
Member
Joined
Jul 14, 2009
Messages
3,587
Trophies
2
Location
The Magic School Bus
XP
4,566
Country
United States
I just hope they actually fix it rather than just killing off the servers for good.
Nintendo flat out banned all DS and Wii online access entirely because they refused to fix the endemic of impossible trades that flooded the Pokémon gts. And of course it just followed the new system, at the bonus of being required to pay for nso *and* Pokémon home to suffer through it.

Back on topic...

From software has a history of treating the PC platform like a fourth world nation. I don't think they'd even know how to fix it, much less are willing to do so.
 

Kioku

猫。子猫です!
Member
Joined
Jun 24, 2007
Messages
12,022
Trophies
3
Location
In the Murderbox!
Website
www.twitch.tv
XP
16,188
Country
United States

tech3475

Well-Known Member
Member
Joined
Jun 12, 2009
Messages
3,699
Trophies
2
XP
6,114
Country
Their servers were under fire, much like Titanfall. I feel an exploit isn't reason enough to shut down servers. Guess we'll see?

I just used that as an example, particularly since the PS4 version was still being supported.

We don't know the exact cause nor potential solution to this problem, even something as simple as updating a library has given me problems in the past due to changes. Won't be surprised if some manager goes 'it's not worth the cost' or even just uses this as an excuse to shutdown the servers.

My post was just the worst case scenario and I hope it wont be the case.

As you say, we'll have to wait and see.

Nintendo flat out banned all DS and Wii online access entirely because they refused to fix the endemic of impossible trades that flooded the Pokémon gts. And of course it just followed the new system, at the bonus of being required to pay for nso *and* Pokémon home to suffer through it.

Back on topic...

From software has a history of treating the PC platform like a fourth world nation. I don't think they'd even know how to fix it, much less are willing to do so.

Reportedly, Gamespy's shutdown was the reason behind closing Nintendo Wi-Fi Connection.
 

Site & Scene News

Popular threads in this forum

General chit-chat
Help Users
  • No one is chatting at the moment.
  • BigOnYa @ BigOnYa:
    I'd rather spend like $150 more for a surround receiver.
  • K3Nv2 @ K3Nv2:
    I bought the game at launch never fucked with it until recently
  • BigOnYa @ BigOnYa:
    Its fun, I like it, even tho I'm not a big harry potter fan. Like a wizard rpg. Flying around on a broomstick is cool.
  • K3Nv2 @ K3Nv2:
    Flying sucks ass on it
  • BigOnYa @ BigOnYa:
    Nuh just takes a min to get used to. I think you can upgrade or buy new broomstick also that are better.
    +1
  • K3Nv2 @ K3Nv2:
    I weirdly like inverted controls on all flying type games
  • BigOnYa @ BigOnYa:
    Prob can change it, inverted flying controls.
  • K3Nv2 @ K3Nv2:
    Only thing that annoys me is trying to find wtf to do in it
    +1
  • BigOnYa @ BigOnYa:
    Alright off to the store, later gators.
    +1
  • K3Nv2 @ K3Nv2:
    Some places amaze me were not in network with your insurance would you still like an appointment
    +1
  • AncientBoi @ AncientBoi:
    uhhh, I think I'll just stick with my PSP 3001
  • AncientBoi @ AncientBoi:
    lol, Now I gotta go to the store for more Coffee Mate n other stuff.
  • Xdqwerty @ Xdqwerty:
    i downloaded final fantasy vii into my tv stick
  • Xdqwerty @ Xdqwerty:
    i mean, the game was already there but its the japanese version
  • Xdqwerty @ Xdqwerty:
    and i only downloaded disc 1 so far bc of storage stuff
  • Psionic Roshambo @ Psionic Roshambo:
    @BigOnYa, yeah the patty on McDs burger is 1/10th of a pound now and I think that's the pre cooked weight lol
  • Psionic Roshambo @ Psionic Roshambo:
    I use the app for the 20% off coupon and it's still over priced
  • Xdqwerty @ Xdqwerty:
    @Psionic Roshambo, why is mcdonalds overpriced if their food is bad?
  • Xdqwerty @ Xdqwerty:
    i mean why is mcdonalds food overpriced
  • Psionic Roshambo @ Psionic Roshambo:
    Inflation and greed
    +1
  • ZeroT21 @ ZeroT21:
    it's just fries, make 'em at home
    +2
  • Psionic Roshambo @ Psionic Roshambo:
    I make potato wedges at home with spices and stuff lol
    Psionic Roshambo @ Psionic Roshambo: I make potato wedges at home with spices and stuff lol