by adeaver 4839 days ago
How hard would it be to stick a proxy between the game and the servers (on the player's machine), capture some data, and configure the proxy to listen for message 'X' from the game and return response 'Y'?

If that could be done (by someone with far greater skills than myself; I can do it for web dev but not this) fairly easily, and the gameplay went on for several hours, would that not put a very big hole in EA's argument?

I mean other than the one already sitting there...

3 comments
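The kind of rule-driven proxy the post describes, as an added example (not code from the thread or from EA). It assumes, hypothetically, that the game speaks newline-delimited plain TCP to an upstream server at UPSTREAM and is repointed at LISTEN; the replies in RULES and the request strings are made up. The proxy answers a request from a static rule, else from a response captured earlier on a live round trip, else by forwarding it and recording the answer, so a session can keep going once the recorded table covers the traffic.

```python
"""Rule-driven intercepting TCP proxy with record/replay.

Added example, not code from the thread or from EA.  It assumes (hypothetically)
that the game speaks newline-delimited plain TCP to UPSTREAM; the thread notes
the real client uses TLS with pinned certificates, so this only illustrates the
rewrite logic the original post describes.
"""
import re
import socket
import socketserver

UPSTREAM = ("127.0.0.1", 9000)   # assumed real server address
LISTEN = ("127.0.0.1", 9001)     # the game is repointed here (hosts file, config, etc.)

# Static rules: (pattern matched against a request line, canned reply).  Constructed.
RULES = [
    (re.compile(rb"^HEARTBEAT\b"), b"OK\n"),
    (re.compile(rb"^SAVE_CITY\b"), b"SAVED\n"),
]

def match_rule(request, rules=RULES):
    """Return the canned reply for the first matching rule, or None to forward."""
    for pattern, reply in rules:
        if pattern.match(request):
            return reply
    return None

class ReplayTable:
    """Request -> response pairs captured while the real server is reachable."""
    def __init__(self):
        self.seen = {}

    def record(self, request, response):
        self.seen.setdefault(request, response)

    def lookup(self, request):
        return self.seen.get(request)

def answer(request, table, upstream_exchange):
    """Decide how one request is answered: static rule, replay, or live upstream.

    upstream_exchange(request) -> response performs the real round trip; it is
    injected so the decision logic can be exercised without a network."""
    canned = match_rule(request)
    if canned is not None:
        return canned, "rule"
    replayed = table.lookup(request)
    if replayed is not None:
        return replayed, "replay"
    response = upstream_exchange(request)
    table.record(request, response)
    return response, "live"

TABLE = ReplayTable()

class Interceptor(socketserver.StreamRequestHandler):
    """One game connection; opens a matching connection to the real server."""
    def handle(self):
        with socket.create_connection(UPSTREAM) as up:
            upf = up.makefile("rwb")

            def live(request):
                upf.write(request)
                upf.flush()
                return upf.readline()

            for line in self.rfile:
                response, how = answer(line, TABLE, live)
                print(f"{how:6} {line.strip()!r} -> {response.strip()!r}")
                self.wfile.write(response)

if __name__ == "__main__":
    with socketserver.ThreadingTCPServer(LISTEN, Interceptor) as srv:
        srv.serve_forever()
```

Run it, point the game (or any netcat client) at LISTEN, and watch which branch each request takes; once the replay table is warm you can drop the upstream and the "replay" branch keeps answering. This is exactly what pinned TLS prevents: with the stream encrypted end to end the proxy sees no request lines to match.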

I tried that days ago with Wireshark. SimCity uses SSL for server communication and it has hard-coded certificates; it does not use the OS SSL certificates. This prevents you from using a self-signed cert to decrypt the data, at least without complicated patching of the game exe.
How about catching the packets before SSL? I have no knowledge about modern Windows debugging, or how SimCity might block a debugger. But I guess you could pinpoint the location of the messages just before SSL encryption, and just dump them out?
That sounds plausible. Again, I'm not a Windows guy, but unless they've statically linked the SSL libraries, you should just be able to inject your own DLL and capture the data on the way into the library.
I would think that they have statically linked it, which is why I thought about using a debugger to catch the data. With a dynamically linked library, such as OpenSSL, it would be quite easy to capture the data.
You could just search for the certificates in the code, and update them with your own.
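The "search for the certificates in the code and swap in your own" step from the last two comments, as an added example (not code from the thread or from EA, and not run against SimCity). It scans a binary image for PEM blocks and for DER Certificate structures by checking the ASN.1 shape (outer SEQUENCE, tbsCertificate SEQUENCE, optional [0] version v3, then the serial INTEGER), then overwrites one in place so no file offset shifts. The sample blob and the unsigned certificate inside it are constructed here with a tiny DER encoder; the hostname and OIDs in it are illustrative.

```python
"""Find and patch embedded X.509 certificates in a binary image.

Added example, not code from the thread or from EA: it scans a blob for PEM
blocks and for DER Certificate structures (SEQUENCE { SEQUENCE { [0] v3?,
INTEGER serial, ... }, ... }) and patches one in place without changing the
file length.  SAMPLE_BLOB is constructed here; no SimCity bytes are used.
"""
import re

PEM_RE = re.compile(rb"-----BEGIN CERTIFICATE-----.*?-----END CERTIFICATE-----", re.S)

def _read_len(buf, i):
    """Decode a DER length starting at buf[i]; return (length, header_bytes) or None."""
    if i >= len(buf):
        return None
    first = buf[i]
    if first < 0x80:
        return first, 1
    n = first & 0x7F
    if n == 0 or n > 4 or i + 1 + n > len(buf):
        return None
    return int.from_bytes(buf[i + 1:i + 1 + n], "big"), 1 + n

def _cert_len_at(buf, i):
    """Return the total DER length if buf[i:] starts like a Certificate, else None."""
    if buf[i] != 0x30:
        return None
    outer = _read_len(buf, i + 1)
    if outer is None:
        return None
    outer_len, h1 = outer
    total = 1 + h1 + outer_len
    if outer_len < 16 or i + total > len(buf):
        return None
    j = i + 1 + h1                       # tbsCertificate SEQUENCE
    if buf[j] != 0x30:
        return None
    inner = _read_len(buf, j + 1)
    if inner is None or 1 + inner[1] + inner[0] >= outer_len:
        return None                      # tbs must leave room for sigAlg + signature
    k = j + 1 + inner[1]
    if buf[k:k + 5] == b"\xa0\x03\x02\x01\x02":   # [0] EXPLICIT version v3
        k += 5
    return total if buf[k] == 0x02 else None      # serialNumber INTEGER

def find_certificates(blob):
    """Return sorted (offset, length, kind) tuples for PEM and DER certs in blob."""
    hits = [(m.start(), m.end() - m.start(), "PEM") for m in PEM_RE.finditer(blob)]
    i = 0
    while i < len(blob) - 4:
        n = _cert_len_at(blob, i)
        if n:
            hits.append((i, n, "DER"))
            i += n                       # skip the whole cert; no nested hits
        else:
            i += 1
    return sorted(hits)

def patch_certificate(blob, offset, length, new_der):
    """Overwrite the cert at offset with new_der, zero-padded so file offsets do not shift.

    Padding is only safe if the loader reads the length from the DER header;
    a parser handed the fixed buffer size may reject trailing zeros."""
    if len(new_der) > length:
        raise ValueError("replacement is longer than the original certificate")
    return blob[:offset] + new_der.ljust(length, b"\x00") + blob[offset + length:]

# --- constructed sample data (not from any real binary) ----------------------
def _der(tag, body):
    """Tiny DER TLV encoder (lengths up to 0xFFFF) used only to build the sample."""
    n = len(body)
    if n < 0x80:
        hdr = bytes([n])
    elif n < 0x100:
        hdr = b"\x81" + bytes([n])
    else:
        hdr = b"\x82" + n.to_bytes(2, "big")
    return bytes([tag]) + hdr + body

def fake_certificate(serial=b"\x01\x23\x45", key_bytes=256):
    """Structurally valid but unsigned Certificate, constructed for the demo."""
    sha256_rsa = _der(0x30, _der(0x06, bytes.fromhex("2a864886f70d01010b")) + _der(0x05, b""))
    rsa_enc = _der(0x30, _der(0x06, bytes.fromhex("2a864886f70d010101")) + _der(0x05, b""))
    name = _der(0x30, _der(0x31, _der(0x30, _der(0x06, b"\x55\x04\x03") + _der(0x0c, b"pinned.example"))))
    validity = _der(0x30, _der(0x17, b"130301000000Z") + _der(0x17, b"230301000000Z"))
    spki = _der(0x30, rsa_enc + _der(0x03, b"\x00" + b"\x42" * key_bytes))
    tbs = _der(0x30, _der(0xA0, _der(0x02, b"\x02")) + _der(0x02, serial)
               + sha256_rsa + name + validity + name + spki)
    return _der(0x30, tbs + sha256_rsa + _der(0x03, b"\x00" + b"\x11" * key_bytes))

SAMPLE_PEM = (b"-----BEGIN CERTIFICATE-----\nMIIBfakebase64notarealcert==\n"
              b"-----END CERTIFICATE-----")
SAMPLE_BLOB = (b"MZ" + b"\x00" * 60
               + b"\x30\x82\x01\x00\x02\x01"          # decoy: SEQUENCE not followed by a tbs SEQUENCE
               + b"\xcc" * 40 + fake_certificate() + b"\xcc" * 40
               + SAMPLE_PEM + b"\x00" * 16)

if __name__ == "__main__":
    for off, ln, kind in find_certificates(SAMPLE_BLOB):
        print(f"{kind} certificate at offset {off:#x}, {ln} bytes")
```

A replacement longer than the original is refused rather than shifted in, because moving bytes inside an executable invalidates every offset after it; a shorter one is zero-padded, with the caveat in the docstring. Finding the cert is the easy half: the binary may also carry a hash of the cert, an integrity check over its own image, or the DRM layer the later comments mention, each of which has to be defeated separately.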
But haven't they been rushing updates out the door? They may have been careless given the situation.
Presumably, it would be as hard as breaking the DRM scheme that they're using to prevent people from doing that to play illicitly shared copies in offline-only mode.
There is precedent for this, it's how the Assassin's Creed II DRM was bypassed. (And simple versions of it were done quickly)