PvP servers for Dark Souls series taken down following concerns over RCE exploit

ds333.png

All PvP servers for the Dark Souls games have been deactivated after Bandai Namco was made aware of a major exploit that can be performed. This was revealed by Twitch user The_Grim_Sleeper, as they were invaded by another player who then used a remote code execution exploit to open Narrator on the streamer's PC, using speech-to-text to read aloud a troll message. It looks like the "hacker" themselves was not a troll, though; according to The Verge, the person who pulled off the exploit was a concerned player who had discovered the RCE, and had attempted to contact the developers so they could fix it. However, they were reportedly ignored, so the person took to targetting a streamer so that news of the exploit would find its way to news outlets and social media after being showcased happening live.

Following the reports of the exploit and concerns from fans, the Twitter account for Dark Souls announced that the servers for Dark Souls: Prepare to Die, Remastered, 2, and 3 would all be taken down for a short time in order to investigate. This currently only affects the PC versions of the games, and servers for the console ports of the games are still online.

 

Zonark

Zonark - Noun - A God
Member
Joined
Jul 11, 2010
Messages
410
Trophies
1
XP
2,307
Country
United States
I agree fully I highly doubt it would just be narrator running is someone was really wanting to cause harm
 

diggeloid

Alex
Member
Joined
Apr 29, 2019
Messages
468
Trophies
0
Age
34
Location
gbatemp.net
XP
2,366
Country
United States
If anyone needed more proof that playing games on a work/personal PC with important stuff on it is a bad idea. Games are rarely written to be secure.

...although, if you're on Linux, you could throw all of your games into Docker/Podman containers and not worry about RCE exploits touching your system, and not lose any performance like you would with a VM.
 

AlexMCS

Human
Member
Joined
Jul 3, 2018
Messages
627
Trophies
0
Age
38
Location
Fortaleza
XP
2,840
Country
Brazil
If anyone needed more proof that playing games on a work/personal PC with important stuff on it is a bad idea. Games are rarely written to be secure.

...although, if you're on Linux, you could throw all of your games into Docker/Podman containers and not worry about RCE exploits touching your system, and not lose any performance like you would with a VM.

chroot jail would be enough on Linux

As for windows, running as an unprivileged user can solve security issues, if there isn't a privilege escalation exploit on the system as well.
 

N7Kopper

Lest we forget... what Nazi stood for.
Member
Joined
Aug 24, 2014
Messages
975
Trophies
0
Age
30
XP
1,291
Country
United Kingdom
chroot jail would be enough on Linux

As for windows, running as an unprivileged user can solve security issues, if there isn't a privilege escalation exploit on the system as well.
There's always a possibility of breaking through any software sandbox. Extra security layers are very helpful, but robust is not invincible. If you're THAT concerned, don't account on your gaming PC's network.
 

Tom Bombadildo

Dick, With Balls
Member
Joined
Jul 11, 2009
Messages
14,573
Trophies
2
Age
29
Location
I forgot
Website
POCKET.LIKEITS
XP
19,185
Country
United States
TBH I'm shocked they're bothering to do anything at all really, so good for them I guess. I don't expect they'll just shutdown the servers completely, they'll probably just actually implement an anti-cheat that should be able to detect shit like this and just kick players from sessions who are detected using cheats (ie like the Blue Sentinel mod for DS3).
 
  • Like
Reactions: Xzi

diggeloid

Alex
Member
Joined
Apr 29, 2019
Messages
468
Trophies
0
Age
34
Location
gbatemp.net
XP
2,366
Country
United States
chroot jail would be enough on Linux

As for windows, running as an unprivileged user can solve security issues, if there isn't a privilege escalation exploit on the system as well.
Nah, a simple chroot doesn't get you anywhere near the amount of security/isolation you'd get with something like Docker or Podman, which use kernel sandboxing features. Throw in some SELinux on top of it all, and you have some hardcore security.

As for Windows, an unprivileged process can still fuck your shit up. I haven't tried Windows 11, but I know that Win10 (and earlier) at least doesn't implement any kind of sandboxing. So a rogue process might not be able to delete your System32 folder, but it could definitely ransomware your files, steal your bitcoins, email your pron folder to grandma, etc.

On Windows the only reasonable thing to do is to not play games on a PC that has important stuff.
 

codezer0

Gaming keeps me sane
Member
Joined
Jul 14, 2009
Messages
3,573
Trophies
2
Location
The Magic School Bus
XP
4,498
Country
United States
I just hope they actually fix it rather than just killing off the servers for good.
Nintendo flat out banned all DS and Wii online access entirely because they refused to fix the endemic of impossible trades that flooded the Pokémon gts. And of course it just followed the new system, at the bonus of being required to pay for nso *and* Pokémon home to suffer through it.

Back on topic...

From software has a history of treating the PC platform like a fourth world nation. I don't think they'd even know how to fix it, much less are willing to do so.
 

tech3475

Well-Known Member
Member
Joined
Jun 12, 2009
Messages
3,618
Trophies
2
XP
5,980
Country
Their servers were under fire, much like Titanfall. I feel an exploit isn't reason enough to shut down servers. Guess we'll see?

I just used that as an example, particularly since the PS4 version was still being supported.

We don't know the exact cause nor potential solution to this problem, even something as simple as updating a library has given me problems in the past due to changes. Won't be surprised if some manager goes 'it's not worth the cost' or even just uses this as an excuse to shutdown the servers.

My post was just the worst case scenario and I hope it wont be the case.

As you say, we'll have to wait and see.

Nintendo flat out banned all DS and Wii online access entirely because they refused to fix the endemic of impossible trades that flooded the Pokémon gts. And of course it just followed the new system, at the bonus of being required to pay for nso *and* Pokémon home to suffer through it.

Back on topic...

From software has a history of treating the PC platform like a fourth world nation. I don't think they'd even know how to fix it, much less are willing to do so.

Reportedly, Gamespy's shutdown was the reason behind closing Nintendo Wi-Fi Connection.
 

Site & Scene News

Popular threads in this forum

General chit-chat
Help Users
  • K3Nv2 @ K3Nv2:
    @Sicklyboy, $150 isn't that bad for a jtag slim on ebay
  • Veho @ Veho:
    I only wish it was actually playable.
  • Veho @ Veho:
    There's a guy on the Tube of You that makes playable mechanical arcade games out of Lego. This could work on the same principle.
  • Veho @ Veho:
    Just a couple of guys taking their manatee out for some fresh air, why you have to molest them?
  • Veho @ Veho:
    Stupid Chinese shop switched their shipping company and this one is slooooooow.
  • LeoTCK @ LeoTCK:
    STOP BUYING CHINESE CRAP THEN
  • LeoTCK @ LeoTCK:
    SUPPORT LOCAL PRODUCTS, MAKE REVOLUTION
  • LeoTCK @ LeoTCK:
    THEY KEEP REMOVING LOCAL SHIt AND REPLACING WItH INFERIOR CHINESE CRAP
  • LeoTCK @ LeoTCK:
    THATS WHY MY PARTNER CANT GET A GOOTWEAR HIS SIZE ANYMORE
  • LeoTCK @ LeoTCK:
    HE HAS BIG FOOT AND BIG DUCK
  • LeoTCK @ LeoTCK:
    d*ck i mean*
  • LeoTCK @ LeoTCK:
    lol
  • Veho @ Veho:
    Mkay.
  • Veho @ Veho:
    I just ordered another package from China just to spite you.
  • SylverReZ @ SylverReZ:
    Communism lol
  • SylverReZ @ SylverReZ:
    OUR products
  • The Real Jdbye @ The Real Jdbye:
    @LeoTCK actually good quality products are dying out because they can't compete with dropshipped chinese crap
    +2
  • BakerMan @ BakerMan:
    @LeoTCK is your partner the sascrotch or smth?
  • Xdqwerty @ Xdqwerty:
    Good morning
  • Xdqwerty @ Xdqwerty:
    Out of nowhere I got several scars on my forearm and part of my arm and it really itches.
  • AdRoz78 @ AdRoz78:
    Hey, I bought a modchip today and it says "New 2040plus" in the top left corner. Is this a legit chip or was I scammed?
    AdRoz78 @ AdRoz78: Hey, I bought a modchip today and it says "New 2040plus" in the top left corner. Is this a legit...