Warning regarding nearly all of Tom_BMX's apps

broken avatar :(
Created 2213 days ago
by treminaor
0 Members and 1 Guest are viewing this topic.
17,439 views
broken avatar :(
×
broken avatar :(
[UGX] Founder
Location: usBay Area, California
Date Registered: 24 June 2011
Last active: 42 days ago
Posts
5,545
Respect
6,488Add +1
Forum Rank
Immortal
Primary Group
UGX Administrator
My Groups
More
My Contact & Social Links
More
Signature
If Java had true garbage collection, most programs would delete themselves upon execution.
×
treminaor's Groups
UGX Administrator
UGX Team Member
UGX Site Moderator Has the ability to issue warnings to users, edit and remove posts from the forum and to move topics to other boards. Upholds the rules of the forum. Moderates Chat Rooms.
First, I would like to say that we are not condemning the the use of Tom_BMX's tools, and that we appreciate the massive amount of work he has done in the area of xmodel and xanim ripping for the Call of Duty series. It has helped our team in a number of different ways, for which we are grateful and humbled. We realize that without these tools, the Black Ops 2 and Modern Warfare 2/3 model porting we do for UGX Mod would not be nearly as straightfoward, and obtaining the animations would be impossible without his tools.

With that in mind, I would like to make our users aware of some recent activity regarding these tools, and would like to explain what exactly is going on and how it may concern our users. At the end of the post you can find steps to follow in order to ensure you are protected from the malicious activity.

Lastly, we would like to encourage Tom_BMX to respond to these allegations, and provide explanation as to why he has done this.

We are not trying to stir up any "bad blood", and any posts from forum users which are hostile in nature will be removed from this topic.

Thank you.

PS: There's a summary at the bottom for the lazy people out there :)

Background

Back in August 2012, I discovered that Tom_BMX's Xmodel Export Utilities (which was still a new program) was sending data to Tom's servers paired with your public IP address. I then publicly warned that since Tom has access to the ZM user database (which contains your IP address), he could match up your ZM username's IP with his program database of IPs, therefore making the data collection not anonymous. This information could be used to track you and also in some cases obtain your general location (based on your ISP's setup - sometimes it's completely inaccurate).

At some point since then it seems he changed the program (via an update) so that it no longer sends specific xmodel data upon export.

New Information

With the recent posts from [You are not allowed to view external links. Register or Login to see them] and [You are not allowed to view external links. Register or Login to see them] regarding Tom's actions, some new information has come to light which should concern you.

Using a network monitoring tool called [You are not allowed to view external links. Register or Login to see them] , I was able to determine that Tom's Xmodel Utilities, BO Sound Tool, and xAnim Exporter send non-anonymous data to Tom.  I encourage you to try it yourself and look at the data ([Instructions]). The destination IP address is 83.170.112.44, which is the server for tom-bmx.com

The data includes:
  • Your IP Address
  • Your computer username (whatever is at the top of your Start Menu)
  • How many times you have used the program (Only for Xmodel Utilities)
  • How many models you have exported (Only for Xmodel Utilities)

Here is an example of the data collection he is doing, as seen in Wireshark (Click the image to zoom):

As you can see, his program is reporting that my IP address has used the program 73 times, exported 37 models, and my name is Andy King. The program reports these stats to Tom every time it checks for updates, which is every time you open the program.

Implications

When I brought this up in the past, Tom responded by saying that his program(s) only collected anonymous statistics (I would quote the topic but he deleted it shortly after). This would be harmless if it were true. Instead he is collecting your username and pairing it with your IP address. This way even if your IP address changes regularly or you use a proxy, he can still identify you by your username.

The reason I have arrived at this conclusion is because BigDave claimed today that Tom_BMX said the following to him in confidence at some point in a conversation between the two of them:


[You are not allowed to view external links. Register or Login to see them]

Assuming this is true, Tom is not just using your information to attach your stats to a name; he is keeping track of your identity so that if he wanted to, he could attack your computer or otherwise track you. This is entirely illegal and violates privacy laws in both the US and UK.. You did not agree to give up personal information or to be tracked when you downloaded this program.

BigDave also had this to say, which raises more concerns:

[You are not allowed to view external links. Register or Login to see them]

Privacy Laws

Source: [You are not allowed to view external links. Register or Login to see them]

Here are some key points of the Privacy Laws in the United States, which are the same in over 80 other countries in the world - which includes the UK where Tom_BMX resides:

  • For all data collected there should be a stated purpose.
  • Transmission of personal information to locations where "equivalent" personal data protection cannot be assured is prohibited.

Regarding the first point, Tom has not stated a purpose for why he needs to store all of our personal names and IP addresses, other than in certain cases where he may want to remotely run unauthorized commands on our computers through malicious code in his programs.

If the purpose was purely for statistics, he should not be collecting our names (much less storing them!) and our IP addresses should not be stored either (but there is no way to prevent collection since this is how the internet works). There is also no notice in the program or on his website or in any License Agreement/EULA that notifies you that data is collected for statistical reasons.

For the second point, we have no assurance that our personal information is safe or protected in any way, which means that collection is prohibited by law. Again, the model exporting statistics are not the issue here - it's our usernames and IP addresses, and the threat of malicious intent.

How do I protect myself?

First, get a firewall if you don't have one already. If you have Windows Firewall turned off, turn it back on. Use it to block Tom's programs from connecting to the internet. If you want to check for updates, visit his website directly instead of using the in-app update checking (which will be blocked by the firewall).

Secondly, make sure you are taking the necessary precautions against unknown incoming connections. Check Google for more info on this.

If you don't want to use a firewall and don't care about not being able to check for program updates, you can do the following:

Navigate to
C:\Windows\System32\drivers\etc\

Right click the file named "hosts" and choose "Open". Select Notepad from the list. Scroll to the bottom of the file and use your Enter key to make a new line. Add:
127.0.0.1 tom-bmx.com
to the bottom of the file. File->Save the file, then close it.

By adding that line, you are telling your computer to redirect all outbound tom-bmx.com requests to 127.0.0.1, which is a fancy way of saying that you are blocking all outbound connections from your computer to tom-bmx.com. This will prevent him from collecting data from your computer.

TL;DR

Tom_BMX's applications are violating the privacy laws of over 80 countries, including the US and UK. He is collecting your IP address and Windows username, and storing them in a database on his server for personal use. He has also (allegedly) put malicious code inside his application that he can use to remotely run commands on the computers of application users. Use a firewall to block these connections or edit your hosts file.
broken avatar :(
×
broken avatar :(
UGX Chum Lord
Location: nzWins
Date Registered: 24 June 2011
Last active: 196 days ago
Posts
241
Respect
Forum Rank
Mr. Elemental
Primary Group
UGX Co-Founder
My Groups
More
My Contact & Social Links
More
Signature
×
W1NG3D's Groups
Donator ♥ Benevolent Soul who has our eternal gratitude and exclusive access to betas and the donator section of the forum.
UGX Co-Founder
Oh dear
broken avatar :(
×
broken avatar :(
The OG Polish Modder
Location: pl
Date Registered: 19 June 2013
Last active: 250 days ago
Posts
1,666
Respect
Forum Rank
Zombie Destroyer
Primary Group
Donator ♥
My Groups
More
My Contact & Social Links
More
Personal Quote
#RyukoRocks
Signature
[FS] Social Networking, Lead Animator and Scripter
[You are not allowed to view external links. Register or Login to see them]
[You are not allowed to view external links. Register or Login to see them]
×
Ray1235's Groups
Donator ♥ Benevolent Soul who has our eternal gratitude and exclusive access to betas and the donator section of the forum.
BO3 Modtools Alpha
BO3 Modtools Alpha
This user has access to the Black Ops 3 Modtools Alpha
Fuck. My. Life.
Mind = Blown
Last Edit: August 29, 2013, 08:11:41 am by Ray1235
broken avatar :(
×
broken avatar :(
Location: de
Date Registered: 5 April 2013
Last active: 398 days ago
Posts
279
Respect
Forum Rank
Mr. Elemental
Primary Group
Donator ♥
My Groups
More
My Contact & Social Links
More
Personal Quote
"Niisan would you brush me theeth?"-karen 2013
Signature
×
IHammY/'s Groups
Donator ♥ Benevolent Soul who has our eternal gratitude and exclusive access to betas and the donator section of the forum.
do you actually know if lime does that too? because lime doesnt even start if it cant look for update ...
and yeah what should i say... kinda makes me angry  >:(
broken avatar :(
×
broken avatar :(
[UGX] Founder
Location: usBay Area, California
Date Registered: 24 June 2011
Last active: 42 days ago
Posts
5,545
Respect
6,488Add +1
Forum Rank
Immortal
Primary Group
UGX Administrator
My Groups
More
My Contact & Social Links
More
×
treminaor's Groups
UGX Administrator
UGX Team Member
UGX Site Moderator Has the ability to issue warnings to users, edit and remove posts from the forum and to move topics to other boards. Upholds the rules of the forum. Moderates Chat Rooms.
do you actually know if lime does that too? because lime doesnt even start if it cant look for update ...
and yeah what should i say... kinda makes me angry  >:(
I tested Lime and it appears to only upload crash logs and check for an update xml file on his website (which is why I didn't specify it in the list of programs).

broken avatar :(
×
broken avatar :(
Location: de
Date Registered: 5 April 2013
Last active: 398 days ago
Posts
279
Respect
Forum Rank
Mr. Elemental
Primary Group
Donator ♥
My Groups
More
My Contact & Social Links
More
Personal Quote
"Niisan would you brush me theeth?"-karen 2013
×
IHammY/'s Groups
Donator ♥ Benevolent Soul who has our eternal gratitude and exclusive access to betas and the donator section of the forum.
k thanks trem :3
broken avatar :(
×
broken avatar :(
The OG Polish Modder
Location: pl
Date Registered: 19 June 2013
Last active: 250 days ago
Posts
1,666
Respect
Forum Rank
Zombie Destroyer
Primary Group
Donator ♥
My Groups
More
My Contact & Social Links
More
Personal Quote
#RyukoRocks
×
Ray1235's Groups
Donator ♥ Benevolent Soul who has our eternal gratitude and exclusive access to betas and the donator section of the forum.
BO3 Modtools Alpha
BO3 Modtools Alpha
This user has access to the Black Ops 3 Modtools Alpha
Well. At least Lime is clear.
broken avatar :(
×
broken avatar :(
[UGX] Founder
Location: usBay Area, California
Date Registered: 24 June 2011
Last active: 42 days ago
Posts
5,545
Respect
6,488Add +1
Forum Rank
Immortal
Primary Group
UGX Administrator
My Groups
More
My Contact & Social Links
More
×
treminaor's Groups
UGX Administrator
UGX Team Member
UGX Site Moderator Has the ability to issue warnings to users, edit and remove posts from the forum and to move topics to other boards. Upholds the rules of the forum. Moderates Chat Rooms.
Well. At least Lime is clear.
Doesn't mean there isn't any malicious code in it, though. Don't really have any way of telling that until the day he uses it.
broken avatar :(
×
broken avatar :(
Location: auMelbourne
Date Registered: 6 August 2012
Last active: 981 days ago
Posts
125
Respect
Forum Rank
Pack-a-Puncher
Primary Group
Member
My Contact & Social Links
More
Personal Quote
TMG Modeller and Animator
Signature
Current W.I.P Map
nazi_zombie_ash (the name may change)
Map Progress:
65.7564%

Need help with guns, sounds or models send me a PM
×
P0rkRoyalz's Groups
P0rkRoyalz's Contact & Social Linksa13xm33P0rkRoyalzP0rkRoyalz
HAHAHA, you cant be serious, if the application is connecting to the server obviously its checking for updates, you say your so humble and appreciative of all the work he does that make our jobs easier and then still you still acttack him and accuse him of his tools "tracking" you. Seriously he has alot of better things to do than track people that use his programs, or hack them for that matter, and why would he bother doing such things if he could potentially be working for one of the worlds main/biggest companies (google), why would he ruin that oppourtnity in order to violate tracking and unlawful access to data laws. Honestly it doesnt make sense, also i like the amount of time you spent on making the topic look nice and pretty.  :derp:
broken avatar :(
×
broken avatar :(
[UGX] Founder
Location: usBay Area, California
Date Registered: 24 June 2011
Last active: 42 days ago
Posts
5,545
Respect
6,488Add +1
Forum Rank
Immortal
Primary Group
UGX Administrator
My Groups
More
My Contact & Social Links
More
×
treminaor's Groups
UGX Administrator
UGX Team Member
UGX Site Moderator Has the ability to issue warnings to users, edit and remove posts from the forum and to move topics to other boards. Upholds the rules of the forum. Moderates Chat Rooms.
HAHAHA, you cant be serious, if the application is connecting to the server obviously its checking for updates, you say your so humble and appreciative of all the work he does that make our jobs easier and then still you still acttack him and accuse him of his tools "tracking" you. Seriously he has alot of better things to do than track people that use his programs, or hack them for that matter, and why would he bother doing such things if he could potentially be working for one of the worlds main/biggest companies (google), why would he ruin that oppourtnity in order to violate tracking and unlawful access to data laws. Honestly it doesnt make sense, also i like the amount of time you spent on making the topic look nice and pretty.  :derp:
Did you read the rest of the topic? You can look for yourself using Wireshark, its not just checking for updates.

I'm just concerned about privacy and safety, including for myself since I've been mentioned by name.
broken avatar :(
×
broken avatar :(
The OG Polish Modder
Location: pl
Date Registered: 19 June 2013
Last active: 250 days ago
Posts
1,666
Respect
Forum Rank
Zombie Destroyer
Primary Group
Donator ♥
My Groups
More
My Contact & Social Links
More
Personal Quote
#RyukoRocks
×
Ray1235's Groups
Donator ♥ Benevolent Soul who has our eternal gratitude and exclusive access to betas and the donator section of the forum.
BO3 Modtools Alpha
BO3 Modtools Alpha
This user has access to the Black Ops 3 Modtools Alpha
HAHAHA, you cant be serious, if the application is connecting to the server obviously its checking for updates, you say your so humble and appreciative of all the work he does that make our jobs easier and then still you still acttack him and accuse him of his tools "tracking" you. Seriously he has alot of better things to do than track people that use his programs, or hack them for that matter, and why would he bother doing such things if he could potentially be working for one of the worlds main/biggest companies (google), why would he ruin that oppourtnity in order to violate tracking and unlawful access to data laws. Honestly it doesnt make sense, also i like the amount of time you spent on making the topic look nice and pretty.  :derp:
What would you say about this:
broken avatar :(
×
broken avatar :(
Location: auMelbourne
Date Registered: 6 August 2012
Last active: 981 days ago
Posts
125
Respect
Forum Rank
Pack-a-Puncher
Primary Group
Member
My Contact & Social Links
More
Personal Quote
TMG Modeller and Animator
×
P0rkRoyalz's Groups
P0rkRoyalz's Contact & Social Linksa13xm33P0rkRoyalzP0rkRoyalz
yes i read the whole topic, i personally asked him today about the xmodel utils because dave mentioned it on ZM and he told me that it only checks for updates, and nothing more, as people accussed him of that in the past, and he also said that if people really want to they can turn off the auto updates as he will probably never update it anyway, i would post a picture of the conversation that happened on steam but i had updated steam since which refreshed the chat log.
i cannot confirm anything that is for him to do im just stating what he has told me personally to the most recent events of these accusations
Last Edit: August 29, 2013, 08:44:59 am by P0rkRoyalz
broken avatar :(
×
broken avatar :(
[UGX] Founder
Location: usBay Area, California
Date Registered: 24 June 2011
Last active: 42 days ago
Posts
5,545
Respect
6,488Add +1
Forum Rank
Immortal
Primary Group
UGX Administrator
My Groups
More
My Contact & Social Links
More
×
treminaor's Groups
UGX Administrator
UGX Team Member
UGX Site Moderator Has the ability to issue warnings to users, edit and remove posts from the forum and to move topics to other boards. Upholds the rules of the forum. Moderates Chat Rooms.
yes i read the whole topic, i personally asked him today about the xmodel utils because dave mentioned it on ZM and he told me that it only checks for updates, and nothing more, as people accussed him of that in the past, and he also said that if people really want to they can turn off the auto updates as he will probably never update it anyway, i would post a picture of the conversation that happened on steam but i had updated steam since which refreshed the chat log.
i cannot confirm anything that is for him to do im just stating what he has told me personally to the most recent events of these accusations
I really wouldn't expect him to say any different - using his words as evidence is hearsay. The only evidence you can consider factual is what you can observe happening - and this would be that your name is provided during an update check, along with usage statistics. Why would he need your name for an update check?

- When did you agree to provide your name for an update check?
- When did you agree to the possibility of having your name stored in a database that is out of your control and which you cannot access?

 These are the kinds of issues we are dealing with, and they are all illegal. I'm not trying to get anyone in trouble, I'm trying to get a problem rectified.
broken avatar :(
×
broken avatar :(
Location: auMelbourne
Date Registered: 6 August 2012
Last active: 981 days ago
Posts
125
Respect
Forum Rank
Pack-a-Puncher
Primary Group
Member
My Contact & Social Links
More
Personal Quote
TMG Modeller and Animator
×
P0rkRoyalz's Groups
P0rkRoyalz's Contact & Social Linksa13xm33P0rkRoyalzP0rkRoyalz
fair enough, then can you explain to us users of how we can use wireshark to monitor the activity of toms xmodelutils so we can see for ourselves
broken avatar :(
×
broken avatar :(
[UGX] Founder
Location: usBay Area, California
Date Registered: 24 June 2011
Last active: 42 days ago
Posts
5,545
Respect
6,488Add +1
Forum Rank
Immortal
Primary Group
UGX Administrator
My Groups
More
My Contact & Social Links
More
×
treminaor's Groups
UGX Administrator
UGX Team Member
UGX Site Moderator Has the ability to issue warnings to users, edit and remove posts from the forum and to move topics to other boards. Upholds the rules of the forum. Moderates Chat Rooms.
fair enough, then can you explain to us users of how we can use wireshark to monitor the activity of toms xmodelutils so we can see for ourselves
Sure thing.

1) Download any version of [You are not allowed to view external links. Register or Login to see them] .
2) Open it up and when it asks you to select an Interface, choose what you use to connect to the Internet. Typically this is Local Area Connection if you use wired internet, or Wireless Connection if you use Wifi.
3) In the filter box, put in:
ip.dst==83.170.112.44
And then click Apply.


4) Click the green shark fin that says Start:

5) Now open Tom's Xmodel Utilities (or BO Sound Exporter, or xAnim Exporter). If you don't see anything appear in the Wireshark window, go back to Tom's program and use the Check for Updates button.

6) Now you will see some text appear in Wireshark. Each line is a packet being sent or received by Tom's program. Somwhere in the middle of them, there is an HTTP GET request, which looks similar to this, but with your info in it:

An HTTP GET request sends a message to a sever, asking to get something. So this means that Tom's server receives this request, logs the data contained within it, and then sends back a packet response (which in this case is the latest version number of the program).

 

Login

or login with an authentication provider below
Sign In with Google
Sign In with Twitter
Sign In with Discord
Sign In with Steam
Sign In with Twitch
Loading ...