Originally posted by ElirionLoth I logged into AoW's forums today to see if a moderator had commented on my story of my in game money and gold being stolen and, guess what, the entire thread had been deleted. No response, no e-mail, no assistance, just deleted. Greatest gaming company ever!
You openly accused Snail on the AOW forums to be involved in the hacking of accounts, and you are wondering why your thread was deleted?!
I didn't accuse them. I asked if their lack of response was an indication that they were. It was an either or statement. They didn't respond. They just deleted the thread. Why do you think that is? It's not the only thread that was deleted. They have accused everyone that was hacked of lying and visiting third party unsecured sites (insinuation of buying RMT gold). I think they should be able to respond don't you? But, if a company ignores a blatant security flaw in their product then they are negligently involved in the hacking of accounts. Even if they are not actively doing it, their negligence is allowing and encouraging it to happen.
Based on your post history, you seem to be a very ardent white knighter for AoW since it started. That's fine. I like the game too. I just dislike how Snail is treating its customers. It's very interesting that you dug up this deleted post of mine shortly after I sent the link of this discussion to the customer rep who was refusing to help me.
To respond to your other posts on AoW, yes I really got hacked. I am not lying. The e-mail from customer support acknowledges that I was hacked then they went on to blame me for it and refuse to help (see above). I did not ever buy RMT gold. Have your Snail buddies check my account for any large influx of money that would indicate buying money. It isn't there. I reported tons of RMT bots while in game. Maybe that is the problem? I don't know. Snail refuses to discuss the issue.
Go to their site, pick one of their "Top Up" options, and notice how even at the CC information stage, the page is not secure. There's also plenty of complaints about this on the official forums. Do some research on it if you want more specifics.
It's also not difficult to see what little security measures they have for the actual game itself, of which I already listed a few examples earlier. They don't even have a "brute-force" mechanism for the login server, so you can put in an incorrect password as many times as you want without getting locked out. It's basic security 101 stuff, and they don't employ it for some strange reason.
Oh dear...
1) As I already pointed out somewhere on these boards, the site is secured. You just do not see https:// in url because they use frames. Very common practice.
2) That is exactly how any decent security mechanism works - it won't lock out the account if you mistype 3 times in a row. Instead it is sensitive and capable to identify scripting.
Stop reading forums and parroting all you read, majority of the posters are about as ignorant about IT security/tech as you are. That is fine, no one is expecting you to know how things work under the hood but you should have enough sense to acknowledge the your limits and hold back your judgments.
Yeah, I'm not an IT expert by any means, but I know enough people personally who have dealt with hacking and thievery, as well as the plethora of people affected by this on the forums, to see that Snail's security appears to have some serious issues. They have no good excuse for not having a secondary password or an authenticator as an option for added security, so they need to take some responsibility for these situations, or suffer the negative publicity that follows. Or I guess they can just continue what they've been doing lately, and just delete the threads about this that are made daily. Out of sight, out of mind.
Edit: wording, and because the mods would have did it anyway.
Edit 2: Also, since you're apparently an expert on this kind of thing, does the message "Connection is not encrypted" throw up any red flags for you on a transaction page? It's not just the missing padlock icon that irks people, it's the message itself associated with the page. Considering that there seems to be a theme for people buying gold from Snail, and then almost immediately getting hacked afterwards (going by forum testimony), it kind of stands to reason that these thieves might be getting that information due to the page not being encrypted. Can you explain to those of us that aren't educated about it, what that actually means?
If you do some research on Chinese websites you may see where Snails security is lacking. Hacking became such a problem on the Chinese version of the game that now they have not only added a second password but also an authenticator via a phone app.
The other problem Snail has is the version they opened with here in the West is the early Chinese one which has all the exploits that plagued that version still able to be used.
Originally posted by Seilan They have no good excuse for not having a secondary password or an authenticator as an option for added security, so they need to take some responsibility for these situations, or suffer the negative publicity that follows.
1) They need no excuse. It is not an industry standard by any means. 2) No, it is not their responsibility. 3) They can't do much about ignorant ranting...but at the end of the day it is just ignorant ranting. It is your pick if and how you want to contribute...You either jump the bandwagon or stop and think it through.
Originally posted by Seilan Edit 2: Also, since you're apparently an expert on this kind of thing, does the message "Connection is not encrypted" throw up any red flags for you on a transaction page? It's not just the missing padlock icon that irks people, it's the message itself associated with the page.
I have no idea what message you talk about...maybe be a bit specific?
I checked the system briefly but if you use credit card payment method, frame for Skrill/moneybookers payment processing pops up, transaction is secured by VeriSign(SSL), logo you may notice at the bottom left of the frame.
This is rather popular method these days so your customer isn't bothered by redirection on 3rd party sites which is the case of other payment methods Snail is offering.
And then, we find out that poster is actually involved in RMT:
Originally posted by trancefate I always keep in touch with what my assets are worth, even virtual ones. Virtual currency sales got me through a pretty rough patch of unemployment recently.
Notice the title of his thread...irony...?
The problem with gold sellers would not exist if there were no people buying virtual goods in the first place. You want to believe that "forum testimony" are actually honest ones?
Jerks and asses are usually most vocal, even tho they will try to pretend to be victims.
People with no technical background complaining about security? How much validity is there? You want to take those posts seriously?
I am not saying that Snail games is doing great job or anything but from what end user can see, there isn't anything to be much disturbed about.
Overall it is very unpleasant situation for either party.
Snail cannot give out refunds on demand and it is very difficult to fight RMT, or just track it.
And then, we find out that poster is actually involved in RMT:
Originally posted by trancefate
I always keep in touch with what my assets are worth, even virtual ones. Virtual currency sales got me through a pretty rough patch of unemployment recently.
Notice the title of his thread...irony...?
The problem with gold sellers would not exist if there were no people buying virtual goods in the first place. You want to believe that "forum testimony" are actually honest ones?
Jerks and asses are usually most vocal, even tho they will try to pretend to be victims.
People with no technical background complaining about security? How much validity is there? You want to take those posts seriously?
I am not saying that Snail games is doing great job or anything but from what end user can see, there isn't anything to be much disturbed about.
Overall it is very unpleasant situation for either party.
Snail cannot give out refunds on demand and it is very difficult to fight RMT, or just track it.
Well, if one person is bad they all must be. Right? Does that apply to gaming companies also?
The problem with drugs would not exist therefore the drug sellers must be excused, correct? There wouldn't be any domestic violence if women would just shut up, amirite?
So, everyone that complains is a jerk and asshole? Got it. Will write that down as a life lesson.
The situation is unpleasant because Snail USA has decided to completely ignore the problem. RMT are everywhere, people are getting hacked regularly (whether you want to believe it or not), and Snail is doing nothing. They don't even have the security measures in the US version that they have implemented in the Chinese version. How can you even begin to justify that? The European version will deploy with those security measures. Why did they drop them from the US version?
Snail can do investigations and give refunds on virtual currency when hacking is discovered. They are not even investigating. They are just ignoring the problem and will steadily gain a bad reputation and lose customers. Especially when the mmo media finally takes notice like they have with other company's security problems. Keep defending them if that is what It takes to make you comfortable in playing the game.
They have no good excuse for not having a secondary password or an authenticator as an option for added security, so they need to take some responsibility for these situations, or suffer the negative publicity that follows.
1) They need no excuse. It is not an industry standard by any means. 2) No, it is not their responsibility. 3) They can't do much about ignorant ranting...but at the end of the day it is just ignorant ranting. It is your pick if and how you want to contribute...You either jump the bandwagon or stop and think it through.
Originally posted by Seilan
Edit 2: Also, since you're apparently an expert on this kind of thing, does the message "Connection is not encrypted" throw up any red flags for you on a transaction page? It's not just the missing padlock icon that irks people, it's the message itself associated with the page.
I have no idea what message you talk about...maybe be a bit specific?
I checked the system briefly but if you use credit card payment method, frame for Skrill/moneybookers payment processing pops up, transaction is secured by VeriSign(SSL), logo you may notice at the bottom left of the frame.
This is rather popular method these days so your customer isn't bothered by redirection on 3rd party sites which is the case of other payment methods Snail is offering.
And then, we find out that poster is actually involved in RMT:
Originally posted by trancefate
I always keep in touch with what my assets are worth, even virtual ones. Virtual currency sales got me through a pretty rough patch of unemployment recently.
Notice the title of his thread...irony...?
The problem with gold sellers would not exist if there were no people buying virtual goods in the first place. You want to believe that "forum testimony" are actually honest ones?
Jerks and asses are usually most vocal, even tho they will try to pretend to be victims.
People with no technical background complaining about security? How much validity is there? You want to take those posts seriously?
I am not saying that Snail games is doing great job or anything but from what end user can see, there isn't anything to be much disturbed about.
Overall it is very unpleasant situation for either party.
Snail cannot give out refunds on demand and it is very difficult to fight RMT, or just track it.
1. It's a game made in China; I think it's reasonable to assume they would follow a stricter security standard due to that fact alone. They also had a secondary password in the beta apparently, and then took it out for some reason. There are enough people complaining about this problem that it absolutely should be an included measure.
2. It's not their responsibility to ensure that their own game has an adequate means for enabling players to protect their accounts? Yeah, that makes sense.
3. This has nothing to do with jumping on a bandwagon. It has to do with paying attention to what's being said by a seemingly large amount of people both in-game and on the forums. I've been playing mmorpgs for over 12 years and I've never seen so many people complaining about getting hacked and stolen from, let alone in nearly the same exact pattern each time. Sure, I can't prove the claims conclusively, but I'm not going to turn a blind eye to it either. I haven't dealt with any issues myself yet, but then, I haven't paid Snail any money either. I do, however, know people personally that have also been hacked, despite having never dealt with anything like this before. Factor that in with how threads about this seem to pop up every day on the official forums, and it's not difficult to see a recurring theme.
As for the message I was referring to, I noticed it on the transaction page itself. I see now what you're talking about with the VeriSign logo on the little transaction window within the larger page. I guess that's what you meant by "using frames?" If so, it was an honest mistake on my part, and I imagine it's the same thing that confused others as well, since the page itself gives that "connection is not encrypted" message if you check the "more information" option, to the left of the url.
Like I said, it's not about jumping on some bandwagon or believing any single, random forum poster's testimony, it's about noticing a large trend that I haven't seen in any other game I've played over the years, at least not to the same extent. It doesn't seem all that unreasonable to speculate that this may have more to do with their own security issues than they let on. In any case, I guess all we can do is hope it doesn't happen to the rest of us.
Originally posted by Seilan 1. It's a game made in China; I think it's reasonable to assume they would follow a stricter security standard due to that fact alone. They also had a secondary password in the beta apparently, and then took it out for some reason. There are enough people complaining about this problem that it absolutely should be an included measure.2. It's not their responsibility to ensure that their own game has an adequate means for enabling players to protect their accounts? Yeah, that makes sense.3. This has nothing to do with jumping on a bandwagon. It has to do with paying attention to what's being said by a seemingly large amount of people both in-game and on the forums. I've been playing mmorpgs for over 12 years and I've never seen so many people complaining about getting hacked and stolen from, let alone in nearly the same exact pattern each time. Sure, I can't prove the claims conclusively, but I'm not going to turn a blind eye to it either. I haven't dealt with any issues myself yet, but then, I haven't paid Snail any money either. I do, however, know people personally that have also been hacked, despite having never dealt with anything like this before. Factor that in with how threads about this seem to pop up every day on the official forums, and it's not difficult to see a recurring theme.As for the message I was referring to, I noticed it on the transaction page itself. I see now what you're talking about with the VeriSign logo on the little transaction window within the larger page. I guess that's what you meant by "using frames?" If so, it was an honest mistake on my part, and I imagine it's the same thing that confused others as well, since the page itself gives that "connection is not encrypted" message if you check the "more information" option, to the left of the url.Like I said, it's not about jumping on some bandwagon or believing any single, random forum poster's testimony, it's about noticing a large trend that I haven't seen in any other game I've played over the years, at least not to the same extent. It doesn't seem all that unreasonable to speculate that this may have more to do with their own security issues than they let on. In any case, I guess all we can do is hope it doesn't happen to the rest of us.
1) No, it is not reasonable expectation. In fact it is ridiculous...
"Secondary" password: 1 account pass + 1 game pass?
If you wish, you can make a Snail Games account that will linked to AoW, I guess that would do what you are looking for.
And again, "secondary" passwords are not standard.
2) It has adequate means to protect their account. They cannot be responsible for user behavior tho.
Client is the weakest part of any security system for a reason - lack of control. You basically ask for Snail games to somehow supplement user misbehavior.
3) Yeah, it is all about jumping the bandwagon.
Just take an example of yourself - few posts back you believed that their site is inseure, before you got explained. Same goes for most complains on forums - they have no reasonable or honest basis.
Same situation happened in EVE while back when CCP was pushing harder on RMT. Lots of "riot" on forums. Tighter security affects larger user base thus you get more reaction, that is expected.
What happens on forums is not necessarily the same that happens in the rest of the game. Forums is used by about 5% of the player base and isn't representative by any means.
Do not base your judgement on forums, that would be foolish. Want proof? Check this site alone - all doom and gloom and sky falling, yet nothing of that is happening outside these boards.
Forums might provide an incentive for investigation but never to conclusions. It isn't as big deal as many people make it.
Originally posted by Seilan 1. It's a game made in China; I think it's reasonable to assume they would follow a stricter security standard due to that fact alone. They also had a secondary password in the beta apparently, and then took it out for some reason. There are enough people complaining about this problem that it absolutely should be an included measure.
2. It's not their responsibility to ensure that their own game has an adequate means for enabling players to protect their accounts? Yeah, that makes sense.
3. This has nothing to do with jumping on a bandwagon. It has to do with paying attention to what's being said by a seemingly large amount of people both in-game and on the forums. I've been playing mmorpgs for over 12 years and I've never seen so many people complaining about getting hacked and stolen from, let alone in nearly the same exact pattern each time. Sure, I can't prove the claims conclusively, but I'm not going to turn a blind eye to it either. I haven't dealt with any issues myself yet, but then, I haven't paid Snail any money either. I do, however, know people personally that have also been hacked, despite having never dealt with anything like this before. Factor that in with how threads about this seem to pop up every day on the official forums, and it's not difficult to see a recurring theme.
As for the message I was referring to, I noticed it on the transaction page itself. I see now what you're talking about with the VeriSign logo on the little transaction window within the larger page. I guess that's what you meant by "using frames?" If so, it was an honest mistake on my part, and I imagine it's the same thing that confused others as well, since the page itself gives that "connection is not encrypted" message if you check the "more information" option, to the left of the url.
Like I said, it's not about jumping on some bandwagon or believing any single, random forum poster's testimony, it's about noticing a large trend that I haven't seen in any other game I've played over the years, at least not to the same extent. It doesn't seem all that unreasonable to speculate that this may have more to do with their own security issues than they let on. In any case, I guess all we can do is hope it doesn't happen to the rest of us.
1) No, it is not reasonable expectation. In fact it is ridiculous...
"Secondary" password: 1 account pass + 1 game pass?
If you wish, you can make a Snail Games account that will linked to AoW, I guess that would do what you are looking for.
And again, "secondary" passwords are not standard.
2) It has adequate means to protect their account. They cannot be responsible for user behavior tho.
Client is the weakest part of any security system for a reason - lack of control. You basically ask for Snail games to somehow supplement user misbehavior.
3) Yeah, it is all about jumping the bandwagon.
Just take an example of yourself - few posts back you believed that their site is inseure, before you got explained. Same goes for most complains on forums - they have no reasonable or honest basis.
Same situation happened in EVE while back when CCP was pushing harder on RMT. Lots of "riot" on forums. Tighter security affects larger user base thus you get more reaction, that is expected.
What happens on forums is not necessarily the same that happens in the rest of the game. Forums is used by about 5% of the player base and isn't representative by any means.
Do not base your judgement on forums, that would be foolish. Want proof? Check this site alone - all doom and gloom and sky falling, yet nothing of that is happening outside these boards.
Forums might provide an incentive for investigation but never to conclusions. It isn't as big deal as many people make it.
1. What's ridiculous about expecting a higher standard of security for games made in a country where gold farming/selling is rampant? Try logging into just about any other eastern-based mmorpg, and you'll more than likely be met with the need to make a secondary "Pin" password, using a virtual keypad to type it out, in order to log into the game itself. MapleStory and Mabinogi are just two examples that come to mind. It's common practice for online games made in the east, so I see nothing ridiculous about having it in AoW.
2. Yeah, I'm sure it's all just "user behavior". That's why you rarely ever hear about this kind of thing in AAA mmorpgs, right? It's also been said that the Chinese version went through this very same problem until they updated the client, and since the NA version is allegedly still using the outdated client, it stands to reason that it could at least be part of the problem here. It's just hearsay though as I can't verify it officially.
3. Call it whatever you want. I look at it as being observant. And like I said, I'm not just going by the tons of forum accounts, I see plenty of discussion about it in-game as well. I guess we can just assume everyone who attests to this is just a dirty liar, or maybe they're just unable to secure their own accounts properly despite not having problems with account security in other games they play, a couple of my own friends included.
Whatever the case may be, I'm done arguing about this. At the end of the day, all I'm really getting at is that Snail should seriously give some though to implementing features (even if only optional) that allow us to better secure our own accounts. With authenticators being more and more common in online gaming these days, I think it would be wise for Snail to adopt that kind of a system as well. If nothing else, it would aid in illuminating what really is and isn't user error, when it comes to an account being compromised.
Originally posted by Seilan 1. What's ridiculous about expecting a higher standard of security for games made in a country where gold farming/selling is rampant? Try logging into just about any other eastern-based mmorpg, and you'll more than likely be met with the need to make a secondary "Pin" password, using a virtual keypad to type it out, in order to log into the game itself. MapleStory and Mabinogi are just two examples that come to mind. It's common practice for online games made in the east, so I see nothing ridiculous about having it in AoW.2. Yeah, I'm sure it's all just "user behavior". That's why you rarely ever hear about this kind of thing in AAA mmorpgs, right? It's also been said that the Chinese version went through this very same problem until they updated the client, and since the NA version is allegedly still using the outdated client, it stands to reason that it could at least be part of the problem here. It's just hearsay though as I can't verify it officially.3. Call it whatever you want. I look at it as being observant. And like I said, I'm not just going by the tons of forum accounts, I see plenty of discussion about it in-game as well. I guess we can just assume everyone who attests to this is just a dirty liar, or maybe they're just unable to secure their own accounts properly despite not having problems with account security in other games they play, a couple of my own friends included.Whatever the case may be, I'm done arguing about this. At the end of the day, all I'm really getting at is that Snail should seriously give some though to implementing features (even if only optional) that allow us to better secure our own accounts. With authenticators being more and more common in online gaming these days, I think it would be wise for Snail to adopt that kind of a system as well. If nothing else, it would aid in illuminating what really is and isn't user error, when it comes to an account being compromised.
What can I say... Enjoy your bandwagon ride, there is no help to those who are not willing to learn.
You need to do a little better research. The 400 Liang was what I initially noticed. Then when I asked about it in chat someone responded they had gold stolen also so I checked and found mine missing also. You've searched hard but have a little more work to do. The progression and explanation is in the AoW forums if they haven't deleted those also.
This actually isn't just over the loss I incurred. It's also over the poor customer service and the lack of security in the game. If the 400 Liang and approximately $10 in gold I lost is insignificant to you then please PM me and you can reimburse my loss. I refuse to fund a company that treats me poorly and I will get the story out after it happens. This is part of the process.
I think that with the four VIP accounts I cancelled (mine, my wife's, and my two teenage son's) plus my friends that quit also over this, it would have been better for Snail to meet me half way on this hacking issue instead of being bull headed. Even apologizing and telling me they were fixing the issue instead of blaming it on me and others would have convinced me to stay.
Oh, I noticed you have 28 posts and everyone of them is hyping AoW or putting down anyone saying anything negative about the game. What is that about? No interest in anything else?
Be sure to read all the responses to that cached post you linked. It filled up quickly with other people being hacked.
1. What's ridiculous about expecting a higher standard of security for games made in a country where gold farming/selling is rampant? Try logging into just about any other eastern-based mmorpg, and you'll more than likely be met with the need to make a secondary "Pin" password, using a virtual keypad to type it out, in order to log into the game itself. MapleStory and Mabinogi are just two examples that come to mind. It's common practice for online games made in the east, so I see nothing ridiculous about having it in AoW.
2. Yeah, I'm sure it's all just "user behavior". That's why you rarely ever hear about this kind of thing in AAA mmorpgs, right? It's also been said that the Chinese version went through this very same problem until they updated the client, and since the NA version is allegedly still using the outdated client, it stands to reason that it could at least be part of the problem here. It's just hearsay though as I can't verify it officially.
3. Call it whatever you want. I look at it as being observant. And like I said, I'm not just going by the tons of forum accounts, I see plenty of discussion about it in-game as well. I guess we can just assume everyone who attests to this is just a dirty liar, or maybe they're just unable to secure their own accounts properly despite not having problems with account security in other games they play, a couple of my own friends included.
Whatever the case may be, I'm done arguing about this. At the end of the day, all I'm really getting at is that Snail should seriously give some though to implementing features (even if only optional) that allow us to better secure our own accounts. With authenticators being more and more common in online gaming these days, I think it would be wise for Snail to adopt that kind of a system as well. If nothing else, it would aid in illuminating what really is and isn't user error, when it comes to an account being compromised.
What can I say... Enjoy your bandwagon ride, there is no help to those who are not willing to learn.
What am I not willing to learn? That a gaming company from China shouldn't offer multiple measures for letting players secure their accounts, or that I shouldn't take notice when a large trend of hacking/thievery occurs in a game I play? Most of what you said was merely opinion, so forgive me for taking most of it with a grain of salt. I do thank you for educating me on the "frames" thing, but as for the rest, it was largely just you giving your opinion on why it's ridiculous to ask for better security measures, while giving no good reason as to why.
If you're going to post some little condescending quip, at least give it some context.
The thing is, Snail has about the worst security I've probably ever seen in an mmo (not just the game, but also their sites.) They constantly elude to this being merely an issue of the player's own foolishness and irresponsibility and that they should work harder to protect their own accounts, yet Snail doesn't even seem to employ the most basic of security measures.
Please elaborate how their site is insecure and lack of other security measure....
DL'd the game, played 2 long sessions. Never visited the Forums, never even looked into Gold buying. Didn't like the game and so uninstalled it.
Yesterday I received the latest in a series of emails from Iron Sellers/Gold sellers. Those sellers got my email I used in the game from somewhere almost a month after I had deleted Wushu. Yet they referenced both my having played Wushu and my Characters name.
It shouldn't matter if it's 1 Liang or 10 Ding. The account was still hacked and Snail won't do anything to replace the lost items. This is the first company I have heard of with this policy and hopefully the last. I said it before and I will say it again, with the flaws aside the game is still fun, however the management of the game is not doing it any service.
Comments
I didn't accuse them. I asked if their lack of response was an indication that they were. It was an either or statement. They didn't respond. They just deleted the thread. Why do you think that is? It's not the only thread that was deleted. They have accused everyone that was hacked of lying and visiting third party unsecured sites (insinuation of buying RMT gold). I think they should be able to respond don't you? But, if a company ignores a blatant security flaw in their product then they are negligently involved in the hacking of accounts. Even if they are not actively doing it, their negligence is allowing and encouraging it to happen.
Based on your post history, you seem to be a very ardent white knighter for AoW since it started. That's fine. I like the game too. I just dislike how Snail is treating its customers. It's very interesting that you dug up this deleted post of mine shortly after I sent the link of this discussion to the customer rep who was refusing to help me.
To respond to your other posts on AoW, yes I really got hacked. I am not lying. The e-mail from customer support acknowledges that I was hacked then they went on to blame me for it and refuse to help (see above). I did not ever buy RMT gold. Have your Snail buddies check my account for any large influx of money that would indicate buying money. It isn't there. I reported tons of RMT bots while in game. Maybe that is the problem? I don't know. Snail refuses to discuss the issue.
Yeah, I'm not an IT expert by any means, but I know enough people personally who have dealt with hacking and thievery, as well as the plethora of people affected by this on the forums, to see that Snail's security appears to have some serious issues. They have no good excuse for not having a secondary password or an authenticator as an option for added security, so they need to take some responsibility for these situations, or suffer the negative publicity that follows. Or I guess they can just continue what they've been doing lately, and just delete the threads about this that are made daily. Out of sight, out of mind.
Edit: wording, and because the mods would have did it anyway.
Edit 2: Also, since you're apparently an expert on this kind of thing, does the message "Connection is not encrypted" throw up any red flags for you on a transaction page? It's not just the missing padlock icon that irks people, it's the message itself associated with the page. Considering that there seems to be a theme for people buying gold from Snail, and then almost immediately getting hacked afterwards (going by forum testimony), it kind of stands to reason that these thieves might be getting that information due to the page not being encrypted. Can you explain to those of us that aren't educated about it, what that actually means?
If you do some research on Chinese websites you may see where Snails security is lacking. Hacking became such a problem on the Chinese version of the game that now they have not only added a second password but also an authenticator via a phone app.
The other problem Snail has is the version they opened with here in the West is the early Chinese one which has all the exploits that plagued that version still able to be used.
1) They need no excuse. It is not an industry standard by any means.
2) No, it is not their responsibility.
3) They can't do much about ignorant ranting...but at the end of the day it is just ignorant ranting. It is your pick if and how you want to contribute...You either jump the bandwagon or stop and think it through.
I have no idea what message you talk about...maybe be a bit specific?
I checked the system briefly but if you use credit card payment method, frame for Skrill/moneybookers payment processing pops up, transaction is secured by VeriSign(SSL), logo you may notice at the bottom left of the frame.
This is rather popular method these days so your customer isn't bothered by redirection on 3rd party sites which is the case of other payment methods Snail is offering.
Yeah, forum testimony...just check the thread here:
http://www.mmorpg.com/discussion2.cfm/post/5711776#5711776
And then, we find out that poster is actually involved in RMT:
Notice the title of his thread...irony...?
The problem with gold sellers would not exist if there were no people buying virtual goods in the first place. You want to believe that "forum testimony" are actually honest ones?
Jerks and asses are usually most vocal, even tho they will try to pretend to be victims.
People with no technical background complaining about security? How much validity is there? You want to take those posts seriously?
I am not saying that Snail games is doing great job or anything but from what end user can see, there isn't anything to be much disturbed about.
Overall it is very unpleasant situation for either party.
Snail cannot give out refunds on demand and it is very difficult to fight RMT, or just track it.
Well, if one person is bad they all must be. Right? Does that apply to gaming companies also?
The problem with drugs would not exist therefore the drug sellers must be excused, correct? There wouldn't be any domestic violence if women would just shut up, amirite?
So, everyone that complains is a jerk and asshole? Got it. Will write that down as a life lesson.
The situation is unpleasant because Snail USA has decided to completely ignore the problem. RMT are everywhere, people are getting hacked regularly (whether you want to believe it or not), and Snail is doing nothing. They don't even have the security measures in the US version that they have implemented in the Chinese version. How can you even begin to justify that? The European version will deploy with those security measures. Why did they drop them from the US version?
Snail can do investigations and give refunds on virtual currency when hacking is discovered. They are not even investigating. They are just ignoring the problem and will steadily gain a bad reputation and lose customers. Especially when the mmo media finally takes notice like they have with other company's security problems. Keep defending them if that is what It takes to make you comfortable in playing the game.
1. It's a game made in China; I think it's reasonable to assume they would follow a stricter security standard due to that fact alone. They also had a secondary password in the beta apparently, and then took it out for some reason. There are enough people complaining about this problem that it absolutely should be an included measure.
2. It's not their responsibility to ensure that their own game has an adequate means for enabling players to protect their accounts? Yeah, that makes sense.
3. This has nothing to do with jumping on a bandwagon. It has to do with paying attention to what's being said by a seemingly large amount of people both in-game and on the forums. I've been playing mmorpgs for over 12 years and I've never seen so many people complaining about getting hacked and stolen from, let alone in nearly the same exact pattern each time. Sure, I can't prove the claims conclusively, but I'm not going to turn a blind eye to it either. I haven't dealt with any issues myself yet, but then, I haven't paid Snail any money either. I do, however, know people personally that have also been hacked, despite having never dealt with anything like this before. Factor that in with how threads about this seem to pop up every day on the official forums, and it's not difficult to see a recurring theme.
As for the message I was referring to, I noticed it on the transaction page itself. I see now what you're talking about with the VeriSign logo on the little transaction window within the larger page. I guess that's what you meant by "using frames?" If so, it was an honest mistake on my part, and I imagine it's the same thing that confused others as well, since the page itself gives that "connection is not encrypted" message if you check the "more information" option, to the left of the url.
Like I said, it's not about jumping on some bandwagon or believing any single, random forum poster's testimony, it's about noticing a large trend that I haven't seen in any other game I've played over the years, at least not to the same extent. It doesn't seem all that unreasonable to speculate that this may have more to do with their own security issues than they let on. In any case, I guess all we can do is hope it doesn't happen to the rest of us.
1) No, it is not reasonable expectation. In fact it is ridiculous...
"Secondary" password: 1 account pass + 1 game pass?
If you wish, you can make a Snail Games account that will linked to AoW, I guess that would do what you are looking for.
And again, "secondary" passwords are not standard.
2) It has adequate means to protect their account. They cannot be responsible for user behavior tho.
Client is the weakest part of any security system for a reason - lack of control. You basically ask for Snail games to somehow supplement user misbehavior.
3) Yeah, it is all about jumping the bandwagon.
Just take an example of yourself - few posts back you believed that their site is inseure, before you got explained. Same goes for most complains on forums - they have no reasonable or honest basis.
Same situation happened in EVE while back when CCP was pushing harder on RMT. Lots of "riot" on forums. Tighter security affects larger user base thus you get more reaction, that is expected.
What happens on forums is not necessarily the same that happens in the rest of the game. Forums is used by about 5% of the player base and isn't representative by any means.
Do not base your judgement on forums, that would be foolish. Want proof? Check this site alone - all doom and gloom and sky falling, yet nothing of that is happening outside these boards.
Forums might provide an incentive for investigation but never to conclusions. It isn't as big deal as many people make it.
1. What's ridiculous about expecting a higher standard of security for games made in a country where gold farming/selling is rampant? Try logging into just about any other eastern-based mmorpg, and you'll more than likely be met with the need to make a secondary "Pin" password, using a virtual keypad to type it out, in order to log into the game itself. MapleStory and Mabinogi are just two examples that come to mind. It's common practice for online games made in the east, so I see nothing ridiculous about having it in AoW.
2. Yeah, I'm sure it's all just "user behavior". That's why you rarely ever hear about this kind of thing in AAA mmorpgs, right? It's also been said that the Chinese version went through this very same problem until they updated the client, and since the NA version is allegedly still using the outdated client, it stands to reason that it could at least be part of the problem here. It's just hearsay though as I can't verify it officially.
3. Call it whatever you want. I look at it as being observant. And like I said, I'm not just going by the tons of forum accounts, I see plenty of discussion about it in-game as well. I guess we can just assume everyone who attests to this is just a dirty liar, or maybe they're just unable to secure their own accounts properly despite not having problems with account security in other games they play, a couple of my own friends included.
Whatever the case may be, I'm done arguing about this. At the end of the day, all I'm really getting at is that Snail should seriously give some though to implementing features (even if only optional) that allow us to better secure our own accounts. With authenticators being more and more common in online gaming these days, I think it would be wise for Snail to adopt that kind of a system as well. If nothing else, it would aid in illuminating what really is and isn't user error, when it comes to an account being compromised.
What can I say... Enjoy your bandwagon ride, there is no help to those who are not willing to learn.
And ALL this over 400 Liang lol
google cached
At least that's how much it was prior to embellishing the loss ; P
http://www.mmorpg.com/gamelist.cfm/game/749/view/forums/thread/384853/page/1
.
You need to do a little better research. The 400 Liang was what I initially noticed. Then when I asked about it in chat someone responded they had gold stolen also so I checked and found mine missing also. You've searched hard but have a little more work to do. The progression and explanation is in the AoW forums if they haven't deleted those also.
This actually isn't just over the loss I incurred. It's also over the poor customer service and the lack of security in the game. If the 400 Liang and approximately $10 in gold I lost is insignificant to you then please PM me and you can reimburse my loss. I refuse to fund a company that treats me poorly and I will get the story out after it happens. This is part of the process.
I think that with the four VIP accounts I cancelled (mine, my wife's, and my two teenage son's) plus my friends that quit also over this, it would have been better for Snail to meet me half way on this hacking issue instead of being bull headed. Even apologizing and telling me they were fixing the issue instead of blaming it on me and others would have convinced me to stay.
Oh, I noticed you have 28 posts and everyone of them is hyping AoW or putting down anyone saying anything negative about the game. What is that about? No interest in anything else?
Be sure to read all the responses to that cached post you linked. It filled up quickly with other people being hacked.
What am I not willing to learn? That a gaming company from China shouldn't offer multiple measures for letting players secure their accounts, or that I shouldn't take notice when a large trend of hacking/thievery occurs in a game I play? Most of what you said was merely opinion, so forgive me for taking most of it with a grain of salt. I do thank you for educating me on the "frames" thing, but as for the rest, it was largely just you giving your opinion on why it's ridiculous to ask for better security measures, while giving no good reason as to why.
If you're going to post some little condescending quip, at least give it some context.DL'd the game, played 2 long sessions. Never visited the Forums, never even looked into Gold buying. Didn't like the game and so uninstalled it.
Yesterday I received the latest in a series of emails from Iron Sellers/Gold sellers. Those sellers got my email I used in the game from somewhere almost a month after I had deleted Wushu. Yet they referenced both my having played Wushu and my Characters name.
Take the Magic: The Gathering 'What Color Are You?' Quiz.
Playing: Smite, Marvel Heroes
Played: Nexus:Kingdom of the Winds, Everquest, DAoC, Everquest 2, WoW, Matrix Online, Vangaurd, SWG, DDO, EVE, Fallen Earth, LoTRo, CoX, Champions Online, WAR, Darkfall, Mortal Online, Guild Wars, Rift, Tera, Aion, AoC, Gods and Heroes, DCUO, FF14, TSW, SWTOR, GW2, Wildstar, ESO, ArcheAge
Waiting On: Nothing. Mmorpg's are dead.
Lineage doesn't come to mind? South Korea bro.
Milestone game man...lots of games owe that one a lot of credit.
It shouldn't matter if it's 1 Liang or 10 Ding. The account was still hacked and Snail won't do anything to replace the lost items. This is the first company I have heard of with this policy and hopefully the last. I said it before and I will say it again, with the flaws aside the game is still fun, however the management of the game is not doing it any service.
"If I offended you, you needed it" -Corey Taylor