IndieGames have a really interesting story about Symantec’s response to Zach Gage’s indie game, Lose/Lose, that Kieron wrote about here. The impish game’s a shmup that deletes files from your computer every time you shoot an enemy ship. Which is something anti-virus computer-protecting Symantec have now identified as a threat, and labelled it a trojan.
At the moment Symantec are only identifying it as a risk for Macs, and only referring to Lose/Lose as a Mac game. Either this is just their Mac portal, or they aren’t aware it’s on PC too. Or perhaps I’ve missed the PC-equivalent announcement. But the point is, Lose/Lose now even has a virus codename: OSX.Loosemaque. Now that’s a badge few developers can claim.
Symantec do recognise that it’s a game, and importantly in their video (below) they recognise that Gage goes to great lengths to make it clear that the game will delete your files. Their given reason for considering this warning not enough is interesting:
“There’s nothing stopping someone with more malicious intentions from modifying it slightly and then passing it on to unsuspecting users, causing significant damage to a computer.”
That’s presumably true. But can you label something that openly declares it deletes files a “threat”? Could you say the same of any respectable legitimate application used to format your hard drive? Or does Lose/Lose’s mischievous nature put it in another category? The game is definitely damaging to your computer, and saying that it is doesn’t mean it does any less damage when played.
This ambiguity is perhaps unfairly removed when you visit the threat’s page on the Symantec site. Here it is simply described as:
“OSX.Loosemaque is a Trojan that appears to be a video game, but deletes files from the home folder when a user plays it.”
Which is completely true, of course. But rather missing some significant nuance. When you go for further details it gets deeper into the oogie-boogie language.
“The Trojan may arrive on the computer as a application folder with the following name: lose lose.app
When executed the user is presented with a video game.”
Presumably the fear is someone sends the file to their buddy who is unaware, and runs it. Or presumably this general language takes into account the feared potential changes that would remove the warnings. The Symantec description concludes:
“When the user character is destroyed, the game ends, and the Trojan sends the user’s score to the following server, then deletes itself from the compromised computer”
Having not played the game (obviously) I’m not sure if this last part is definitely the case. Does it really delete itself like a sneaky virus might? (It seems it does.) So what do you think? Are Symantec right to label this as malware? Or is it artistic expression being misunderstood and unfairly victimised?
Whatever the case, it’s certainly great publicity for the game that’s just been nominated entered itself for next year’s IGFs. We’ve contacted Gage to see what he thinks. All credit to IndieGames for the story. And you can watch the Symantec video below. (It’s fun hearing the game referred to as a “threat”.)
Related Stories:
This is just a big steaming pile of stupid!
Moving on….
I wonder what the sequel will do.
I suppose it will be “win/win”… and will implement a “Help virtual people simulator”-sims game with a in-game paypal account where you help this virtual starving people, ..where in real world real money is removed from your paypal and added to real people that need the money in the third world.
Yeah, and if you beat the game without dying, they’ll take as much money from you that you can – IN REALITY! – become one of those starving people.
who gives a shit?
I think it’s fair to call it a threat, and arguably even malware – albeit self-identified malware. But it’s not a Trojan. Here’s Symantec’s own definiton of a Trojan: “Trojan horses are impostors—files that claim to be something desirable but, in fact, are malicious. “. Lose/Lose does exactly what it claims to do.
The game clearly tells you what it is, and what it does from the get go it seems. So someone can engineer it do something else, there are plenty of things that could fall under that. This all just seems do ridiculous. Someone offers people a choice, informs them of the consequences of said choice and then others get up in arms because some illiterate people, or those that lack common sense may be harmed.
I don’t know why there is a *do* in there.
Looks like a lose/lose situation for the dev.
Raping,killing and looting is just War.
But a Gentleman does not demand a Gift back…
They do the same to the entirely innocuous Blue Screen of Death screensaver so it’s not without precedent.
You can always add an exception to your virus scanner I’m sure.
But if you’re stupid enough to play this “game”, are you smart enough to know how to modify your virus scanner? Are you smart enough to *have* a virus scanner?
Who didn’t see this coming from the start. Honestly, the “clever” gimmick of trashing your files as you play always seemed pretty lame from a game-design-as-art standpoint anyway so I have no sympathy.
Even if the author made it stupidly obvious that this is a dangerous thing to run, why should Symantec make an exception? Their product is meant to protect your PC / Mac from dangerous things, and this is a dangerous thing. Seems friggin’ obvious to put it on the do-not-allow list.
Obvious dangerous situations that you didn’t mention:
– user does not actually speak or read English
– someone runs game on other person’s computer, clicks past the warning, then calls them over to play it
– someone emails this around with a false explanation that the warning is some kind of prank and that it’s actually harmless (”p.s. try scaring your boss with this LOL!!1!!”)
– someone’s 4 year old thinks this is funny to run on mommy’s computer
OSX.DeleteKey
Risk Level 5: Oh Noes!
Discovered: November 5, 2009
Updated: November 5, 2009 10:58:12 AM
Also Known As: OSX_DEL
Type: Trojan
OSX.DeleteKey is a Trojan that appears to be a valid keyboard button, but deletes files from the home folder when a user presses it.
Threat Assessment
Wild
* Wild Level: High
* Number of Infections: Near Universal
* Number of Sites: Pretty much everyone
* Geographical Distribution: Ubiquitous
* Threat Containment: Impossible
* Removal: Easy
Damage
* Damage Level: High
* Payload: Deletes files from the home folder.
* Modifies Files: Deletes files from the home folder.
*gets a flathead screwdriver to start prying dangerous Delete keys out of keyboards.
Clever though it may be as an artistic expression, which I admit I apparently don’t understand how that is artistic, the fact remain that it’s an interactive virus.
This piece of navelgazing trash was nominated for IGF?
More bloody proof that IGF is a total pile.
So, are you ever *not* furious about something? Also, the question would be who nominated it. Just being nominated means approximately nothing.
i reckon ‘trojan’ fits better than ‘game’ for this lump of software
Hey John/RPS-ers, saying it’s been ‘nominated for IGF’ is causing commenters to shout at the IGF, which is wholly unfair. It’s been _entered_ in the IGF, which is quite different, of course – anyone can enter their own game. Please correct article? Ta!
Simon@IGF.
And… what do any of your examples have to do with it being defined a trojan? Or even why only the Mac version is a trojan. The first one is the only bit slightly credible, but I’m pretty sure Symantec’s AV is more than primarliy an English application.