|
<Patch 0 - v.1.01.9558 - May 15th, 2012::RetailLaunch>
There was no clientside implementation of Warden with the retail launch version of Diablo III. That means there was no "WardenClient" to handle and interpret Warden requests sent from the server. The server sends modules (henceforth "warmods") which contain 'instructions' that tell Warden what to look for. These warmods can be changed serverside (sometimes referred to as "hotfixing"). That means Warden can receive new instructions at just about any time without you knowing. If Warden asks the client if it has a .wmod (the "random" numbers/letters of a .wmod name is an md5 sum) and it doesn't, the client will download, decrypt, and prepare the .wmod instructions so it can "look". Otherwise, it will just load from the cache. The warmods will use various tactics to seek out digital fingerprints of hacks. If you used a program that becomes detected, you are still okay as long as you don't use it actively after Warden has received specific instructions to look for evidence related to the hack. What you did before that is irrelevant. While serverside instruction set deployment can essentially be on-the-fly at the will of Blizzard, what the client responds with is somewhat the same for every warmod. The majority of instructions will be checking for modified known-hack offsets and signature scans.
<Patch 1.0.2 - v.1.0.2.9749 - May 29th, 2012::WardenImplemented>
As expected, Warden was implemented clientside with the first client patch. Now that the clientside responder is there, this means Warden is there. However, it can "watch" you hack all day long, but if it has no warmods with instruction sets, it will do nothing about it. At this time, there is no evidence of any warmods. Warden is running blind, and you should still be safe. That does not mean there will not be any warmods activated before the next patch, though! There is still risk to hacking now. They can write new instructions at any time and you will not be aware until it's too late if you don't use some kind of safety mechanism. To debunk a common mistake: Warden does NOT ban accounts. If you are caught cheating, it responds with a message to the server saying you are a bad player, and it flags your account to a blacklist for the next ban-wave. Apparently Warden is live at authentication similar to StarCraft rather than in-game like Diablo II. I'm not sure if it's exactly at auth or after you choose a server, or what, but this is a good thing.
D3Advanced users: Feel safer! D3Advanced will terminate Diablo 3 if it detects Warden loading any new warmods!
<June 4th (sometime around 4PM Cali time?? I was busy moving..>_>)>
I don't think this was actual _direct_ Warden activity. Someone said rolle3k mentioned something about "Scan.dll". It was probably just delivered through Warden. If anyone has any further information, please post.
<June 8th/9th>
Blatant warmods are being distributed. Specific details will not be provided as to what each one does for various reasons. As the end-user (read: cheater), all you need to know is that they are there and you should be using a hack with preemptive measures in place to deal with them (such as D3A!). It is the job of the developer to deal with it. Anyone with the need-to-know should already know how to dump and analyze themselves. There is plenty of information floating about. I believe tracing back from FIC or [md5].mod reference and obtaining RC4 decryption key on warden loading is still the common convention, but I don't know much direct information regarding D3's implementation specifically.
=> This is probably the end of 'updates' with regard to Warden as far as end-users are concerned. Warden is fully-active. The next thing will probably be about it going temporarily idle for some reason.
|
Warden is now ACTIVE! : Diablo 3 General Discussions
RSS Feed
Sitemap
