[...] Today I was reading about this inventor's device (I think it was business week)which he claims is completely hacker proof. [...] None could.
... right now. It's only a matter of time. Anything that is engineered can, and will be, reverse engineered. Hackers are challenge-oriented people. While most would prefer to swipe 20,000 computers' information in an hour, others use pinpointed attacks at high-value systems.
The only failsafe system is one that employs actively changing entry terms. Via true random scrambling (as no random script is every truly random, and the resources that generated the script are always, always available elsewhere- meaning it can and should be treated as common asset between anti-hacker and hacker).
That is exactly right, and we're not saying NO to save WoW, because it is already a lost cause. We are saying NO to dissuade the next group of greedy suits who decide to emulate Blizzard and Cryptic, etc. We can prevent some of the future games from spewing this crap, but the sooner we start saying no, the better the results will be. So - Stand up, pull up your pants, and walk away. - MMO_Doubter
Sad to hear that an authenticator can be hacked this easily. But it does leave me with one question... How on earth did this player get the .dll on his system? If he's a 100% legit player he would not go to suspicious sites that can upload this stuff into your temp dir...
I have no evidence to back this up, but I have been wondering for some time if there might not be a link between hacked computers/passwords and P2P download sites. You think about it. All of these yummy free programs and files, just for the taking, and you have almost no certainty where or who you are downloading from, or why.
All could be avoided if the game checks for the login users IP address.Of course Blizzard/Activision cannot make money off that security.This should be the security that all games use,an IP check.You could even have 2 ip's in case you need to login from a different location.Account server should also use the same security,not just the game server.Blizzard should also have a log of IP addresses ,so that the hackers could be reasonably traced.
Warden can also be modified to check for the existance of this particular hack before allowing the user to log in and if detected, not allow the person to login, thereby not giving away their information. I'm sure Blizzard will attempt to come up with a solution.
It's not really feasible for Blizzard to deny access based on your IP. That would be extremely cumbersome. People change IP addresses all the time. People log in to play the game from different places all the time, etc. They would have to constantly be updating their database and anytime it was not up to date the user would be prevented from playing. That's a PR nightmare.
Just because someone gets a .dll file that is not supposed to be there does not mean that the person does anything bad. The internet is never 100% safe ever no matter what methods you take to protect yourself. All it takes is visiting the wrong site and you can be infected. But there is millions of other ways to be infected. Take valve for example when they had the source code leaked for HL2.
Exactly.
Here is the source of the virus for those who think they never go to sites that could get them infected. (It is not the first time this has happened on a google sponsored link either)
what locks unlocks .. =/ ..but im sure blizzard can track the transfered gold and ban the chars involved with the stolen goods?
They can not track the gold or items. However Blizzard always reimburses those compromised, and I am sure they will do it expediently for those who were hacked with authenticators as it is pretty much an up yours to Blizzard as they claimed it makes your account completely safe from theft.
Blizzard doesn't track characters under lvl 10 due to the free trials so if you transfer stuff to a lvl 1, and then transfer it off the level 1 and delete the lvl 1 (Which most china farmers do this with several level 1's) then delete them the trail becomes very difficult after Blizzard runs their weekly cleanup on Tuesday (making it near impossible to track).
So in the end it just leaves a huge inflation as the hackers get the gold, and the person gets their gold back. So if you wonder why inflation is so bad just blame the hackers and gold sellers.
Blizzard doesn't track characters under lvl 10 due to the free trials so if you transfer stuff to a lvl 1, and then transfer it off the level 1 and delete the lvl 1 (Which most china farmers do this with several level 1's) then delete them the trail becomes very difficult after Blizzard runs their weekly cleanup on Tuesday (making it near impossible to track).
Who says? I've never heard Blizzard say they can't track a level 1. You can't use the mail on a free trial account so there's nothing to track. You're speculating or you're confusing the fact that Blizzard doesn't show below level 10 in the Armory. That doesn't mean they don't track them.
Comments
... right now. It's only a matter of time. Anything that is engineered can, and will be, reverse engineered. Hackers are challenge-oriented people. While most would prefer to swipe 20,000 computers' information in an hour, others use pinpointed attacks at high-value systems.
The only failsafe system is one that employs actively changing entry terms. Via true random scrambling (as no random script is every truly random, and the resources that generated the script are always, always available elsewhere- meaning it can and should be treated as common asset between anti-hacker and hacker).
That is exactly right, and we're not saying NO to save WoW, because it is already a lost cause. We are saying NO to dissuade the next group of greedy suits who decide to emulate Blizzard and Cryptic, etc.
We can prevent some of the future games from spewing this crap, but the sooner we start saying no, the better the results will be.
So - Stand up, pull up your pants, and walk away.
- MMO_Doubter
I have no evidence to back this up, but I have been wondering for some time if there might not be a link between hacked computers/passwords and P2P download sites. You think about it. All of these yummy free programs and files, just for the taking, and you have almost no certainty where or who you are downloading from, or why.
Warden can also be modified to check for the existance of this particular hack before allowing the user to log in and if detected, not allow the person to login, thereby not giving away their information. I'm sure Blizzard will attempt to come up with a solution.
It's not really feasible for Blizzard to deny access based on your IP. That would be extremely cumbersome. People change IP addresses all the time. People log in to play the game from different places all the time, etc. They would have to constantly be updating their database and anytime it was not up to date the user would be prevented from playing. That's a PR nightmare.
My closed account got hacked around December, in january I received an email from blizz saying my account was suspended for Hacking.
Since i no longer remember my secret question/answer blizz wouldnt get my account back.
Tossed my Vanilla, Tbc and Wotlk Discs in the trash right after that.
Never been hacked before in 13 years of online gaming, never had an account taken like that.
Oh well, I had no intentions of returning anyway.
Playing: Rift, LotRO
Waiting on: GW2, BP
I got hacked and never click on anything, shit I dont even use my email.
Mine happened right after that free trial for converting my account to battle.net.
Not everyone who gets hacked has it happen because they click on retarded links and junk email.
Playing: Rift, LotRO
Waiting on: GW2, BP
Exactly.
Here is the source of the virus for those who think they never go to sites that could get them infected. (It is not the first time this has happened on a google sponsored link either)
Link
They can not track the gold or items. However Blizzard always reimburses those compromised, and I am sure they will do it expediently for those who were hacked with authenticators as it is pretty much an up yours to Blizzard as they claimed it makes your account completely safe from theft.
Blizzard doesn't track characters under lvl 10 due to the free trials so if you transfer stuff to a lvl 1, and then transfer it off the level 1 and delete the lvl 1 (Which most china farmers do this with several level 1's) then delete them the trail becomes very difficult after Blizzard runs their weekly cleanup on Tuesday (making it near impossible to track).
So in the end it just leaves a huge inflation as the hackers get the gold, and the person gets their gold back. So if you wonder why inflation is so bad just blame the hackers and gold sellers.
Who says? I've never heard Blizzard say they can't track a level 1. You can't use the mail on a free trial account so there's nothing to track. You're speculating or you're confusing the fact that Blizzard doesn't show below level 10 in the Armory. That doesn't mean they don't track them.