
Suspect IP addresses from IL-2



ii-ViCioUs-SwE__
Posted (edited)

These are some suspect IP addresses which my anti-virus/malware software detected and flagged as potentially harmful. These are accessed by IL-2 when I play the game.

Some of the IP addresses:

  • 185.21.216.133 United Kingdom (GB)
  • 79.135.136.155 Rezekne, Rezekne, Latvia (LV)

http://www.tcpiputils.com/browse/ip-address/185.21.216.133

Edited by ii-ViCioUs-SwE__
Posted

You can disable that in the launcher options. Btw P2P patching is also used by Blizzard/Battle.net among others.

ii-ViCioUs-SwE__
Posted

The one in the link is classed by the website as harmful. 

Blocklist lookup:

  • Adult hosting: not listed
  • Dshield droplist: not listed
  • Hackers, Spyware, Botnets etc.: listed
  • Open proxy: not listed
  • Spamhaus droplist: not listed
Posted

I must shamefully admit that I have not read the license agreement carefully (and only fired up the game a few times), but, opening up my network to others should come with a VERY big disclaimer.

 

--Outlaw.

Posted

If you don't like it you can turn it off. They made that pretty clear.

  • Upvote 1
Posted (edited)

I'm amazed that peer-to-peer file distribution is still so widely misunderstood.

 

 

I'm amazed that peer-to-peer distribution is ON by default in Il-2BOS.

 

I have no problem turning it ON, when I want, but turning it ON, by default, when you install the game is not exactly fair business practice.

Edited by Jaws2002
Posted

If you don't like it you can turn it off. They made that pretty clear.

 

 

No they didn't.

 

It would be clear, if a popup message came on when you install to ask you if you want it on....or whenever they turn it on again with the next patch.

Posted

Peer-to-peer distribution is THE ONLY option for a lot of games.

 

There is nothing to fear, really.

 

In case anyone is concerned they could always read up on what peer-to-peer means and what it can and cannot do.

Then they would realise their fears were unfounded.

Peer-to-peer is a massive security risk and there is no mitigation except in the code itself. The definition of P2P does not determine what it can and cannot do, the code determines what it can and cannot do and if the code is flawed (or intentionally designed to mislead and/or harm), then it can be used/exploited.

 

That being said, I cannot find any mention of P2P anything in any policies of the latest version. I see an option for, "Prefer Web Distribution" but that is it, there is no explanation. Regardless, there are no inbound ports open in my firewall that will resolve to my game machine so no inbound P2P connections will reach me. Of course, that does not prevent my machine from contacting a server to get the IP address of someone who is not behind a firewall and is waiting to receive whatever data the BOS developers want to send.

 

Is it actually confirmed that BOS uses P2P as a distribution method and, if so, where is it noted?

 

 

 

 

--Outlaw.

Posted (edited)

Feel free to show me HOW P2P actually protects your data.

 

The only security you have in a P2P scenario is what is in the code. End of story. If you trust someone else's code that much, I refer you to Apple's most awesome unlimited password guessing vulnerability that allowed the most recent spate of stolen data.

 

 

On a related note, P2P is not an allowed search term on this forum and "peer to peer" only showed this thread. Do you know offhand where the developers' comments you noted are located?

 

--Outlaw.

Edited by Outlaw
Posted (edited)

Feel free to show me how the BOS P2P distro system is a security risk.

Any software that accepts an incoming connection, tunneled or not, is a security risk. There are ZERO security experts on the planet that will disagree with that. It's a fact. NOTHING can dispute it.

 

In fact, show me any case of any game launcher that employs peer-to-peer distribution which has involved a compromise of the users data.

I never said such occurred, I simply stated that it is a risk. Also, an attack does not always mean a loss of data. There are MILLIONS of bots on the Internet and only a very few are aware of it and most of those will NEVER be aware of it. Relying on what is reported is a very poor measure of security.

 

As if password stealing is in any way related, it has nothing to do with peer-to-peer file sharing.

 

Scaremongerer.

I never related it directly to P2P file sharing. It is related to blind acceptance of someone else's code as being secure and I specifically stated such. Also, the passwords WERE NOT STOLEN. They were brute forced DUE TO A VULNERABILITY in Apple's crappy software (I know, that's redundant right?). What's to say that BOS does not have an unknown (at least to us) vulnerability? Granted, I doubt anyone would decompile and reverse engineer BOS code to find something like that, BUT, what if they used a commonly available library for their P2P tunneling? What if THAT has already been compromised? What if the developers' machines are compromised already? If it is homegrown software will they make it available for peer review (no, the irony is not lost on me!)?

 

Are you really willing to trust the security of EVERY SINGLE BOS software purchaser? If so, good, because that's what you're doing. It's much like sleeping with someone. When it comes to viruses you're also sleeping with everyone they have slept with.

 

 

 

Regardless, I did find at least some of the topics you mentioned (I'm an idiot so my previous search was only in this topic - I must hang my head in shame) and, aside from a brief mention of the settings, I saw nothing from the developers about actual security.

 

As I said before, there are no statements anywhere in the licensing/policy agreements that I could find about the use of P2P distribution which I feel is VERY underhanded.

 

Ffs we live in educated times where it's easy to find out about new hacks every day, and still ... we are kept in the dark by software vendors.

 

Fortunately it is a simple choice. Open up your network if you like, don't if you don't like. Although it shouldn't take a trip to this forum to find out enough information to make the choice.

 

--Outlaw.

Edited by Outlaw
Posted

At that point shouldn't you be afraid to play any games that have any online component at all? If you are that paranoid simply unplug from the grid completely.

Posted (edited)

At that point shouldn't you be afraid to play any games that have any online component at all? If you are that paranoid simply unplug from the grid completely.

Absolutely not. Multiplayer UDP packets are very different from a controlled file server connection.

 

Granted there is always a risk but simply dealing packets of the game's state is a significantly lower risk than compromising the disk ACL.

 

 

--Outlaw.

Edited by Outlaw
Posted

Life's too short.

 

Get a firewall. Make sure your antivirus software is up to date.

 

Stop worrying about what if scenarios.

 

You'll be fine.

Too short to expect that I will be clearly informed if my computer will be used in a peer to peer environment? I think not.

 

Is life too short to bother remembering the PIN for your debit card? Or is it just fine to write it in big numbers on the card itself? After all, why worry about what will happen IF your card is lost, stolen, or viewed by the teller/checker/guy next to you/surveillance cameras, etc.

 

If you want to turn it on then rock on, but stating that peer-to-peer is safe because of what it, "can and cannot do" is 100% inaccurate. It can do anything the developer and the OS allow it to do (either intentionally or accidentally).

 

Considering the consequences (which admittedly vary from person to person), it's such a simple thing to NOT do (assuming you are informed that is) why would you even consider it?

 

--Outlaw.

Guest
This topic is now closed to further replies.