Blizzard is secretly watermarking WOW screenshots

One reason nefarious people would use this is to gain verified account name information. Get enough of those and there are bound to be some passwords that are easily brute forced.

Furthermore as the article states blizzard could use this to track private servers.

I'd be concerned for lots of random people that take screenshots and post them online, making public their account ids. Probably not a huge deal, but it's more information that they're giving out that they don't need to be.

The people under NDAs, hackers, and griefers are going to know about this now and just turn them off. Which means the only people negatively impacted by it are the innocents.

People spend a lot of time and money on WOW.

Combine money and time and intense interest and huge number of users gives you the situation where people will find exploits.

People in real life have (very rarely) been murdered over video game items. It's probably a good idea to make sure any hidden information is carefully encrypted.

This is an old post so I don't know if anyone will see it, but I'm betting that this is used at least in part to crack down on private servers, thus the inclusion of Server IP.

If you've ever dealt with giving support to people, they usually love to give as little information as possible. I suspect this could potentially help solve any issues or disputes.

probably due to wanting to recover as much information as possible in the event of data loss such as cropping, competing watermarks, compression, etc.

I don't feel like encrypting it would make it acceptable. Keys can be leaked.

I just don't feel like it's okay to secretly store someone's private information in a file they believe is safe to share publicly, no matter how well you think you've hidden it.

Um, this is done client-side, no? How would they protect the encryption key?

I believe the best defense would simply be education & knowledge of all the encryption/privacy tools available to the average user, if they feel their ISP/whatever is snooping or intruding too far.

I have a project for DRM for the masses. (will also use watermarking)

I don't think its disabled, the finders just aren't able to retrieve it via the sharpening technique. There is some disassembly of the WOW binary several pages into the thread which I have no way to verify but if accurate is a strong indication that this is real.

The default setting is 3.

It's probable that with a 10 screenshot quality a different algorithm can be used.

Your premise is flawed. Programmer is to user as refrigerator manufacturer is to user. If the fridge fails and your food goes bad, caveat emptor. If you have a problem with that, nobody is stopping you from writing your own code.

Yeah except they can be faked.

I was wondering recently if there's an equivalent of inkjet-dots in popular digital cameras, either deliberately added, or accidentally in noise patterns, which would allow you to link two separate images to the same camera.

That could be interesting for finding people posting some photos under their real name, and then identifying their other interests they'd prefer to keep separate (legal interests or not).

something like this can be used to track down someone who does bootleg recordings. Say our bootlegger buys a camera from samsung, samsung uses a water mark like this which gives out a unique device id. The bootlegger who doesn't know about this tracking thing uploads his 1080p raw video. MPAA then collaborates with samsung to find out was the bootlegger(although that would involve tracking the sale from the reseller/distributer and contacting/capturing the bootlegger).I just gave MPAA a really nice idea.

Isn't this just steganography? I'm quite sure organizations of all flavors and kinds are putting it to good use as we speak :)

A minor point: the character name is not included, the account ID is. I don't think the account ID is that helpful for any prospective hacker, but this method might allow you to compare two screenshots and confirm that they were taken by the same person.

A couple of hypotheses, off the top of my head.

1. NDAs - if someone's in a closed beta, and starts posting screenshots, they can quickly identify the culprit.

2. Hacks - if someone anonymously boasts about finding some exploit in the game, and shows screenshots, they can be tracked down.

3. Abuse prevention - if someone posts screenshots of themselves abusing another player, or breaking the TOS in some other way - but with names blurred out - it would still be possible to find out who it was.

It's not uncommon for griefers or cheaters to anonymously brag about their exploits via screenshot. If the screenshot were watermarked, identifying their account and whatnot, then Blizzard could take action against them.

The suggested idea (regardless of whether or not it's plausible) is NDA leak tracking: finding the people in private betas that are leaking information when they shouldn't be.

If it turns out to be true, it's a pretty cool yet creepy application of steganography in the wild.

Sounds like it has information in it like account name and date. Could be useful for debugging.

"This item looks like it turned inside out, here's a screenshot!" (made up issue) -> now the support has all information they actually care about and which user may not even remember anymore - game version, time, servers, character ids, etc.

PNG is a lossless format and will not cause the image data to change whatsoever upon saving. JPEG, on the other hand, is a lossy format, but until more is known, it's impossible to say whether or not this secret data (if that's what it really is) happens to be muddled by the lossyness of JPEG's algorithm.

Probably not. It looks like this might be doing something clever and possibly relatively robust in the frequency domain, though the details haven't been reverse engineered yet.

There are a significant amount of logs for things like that. Screenshots are likely never accepted for that kind of request.