Blizzard's Network Hacked

 Pages PREV 1 2 3
 

Charli:

sir.rutthed:
I notice it says nothing about the keychain authenticators. Can we take that to mean that those of us with them are less at risk then the mobile authenticator users?

I can say with a straight face, yes.

*pats keychain*

A keychain authenticator is no more secure than a software authenticator. Both use a secret sauce, a serial number, and a timer which are hashed to generate psuedorandom strings of numbers. If you have the secret sauce, serial, and know the method used to hash the sauce, serial and timer then you have the keys to the kingdom.

Look at what happened to RSA, one of the largest makers of keychain authenticators. Hacker managed to steal the secret sauce behind all of their authenticators which meant that if they could determine the serial numbers associated with a user's dongle then they had compromised one entire leg of user authentication. Any security from using authenticators is then destroyed.

They have not said that keychain authenticator information has been compromised as well yet, but I doubt that anyone who gained access to the mobile authenticator information didn't also gain access to keychain authenticator information. This is the same company that thinks that case-insensitive letters and numerals are sufficient security for your account password. That reduces the potential strength of passwords dramatically.

I just got my Battle.net account back from a goddamn chinese hacker like a month ago...

Thanks, Blizzard...I'm glad I can trust you with my information...

CriticKitten:

Draech:
You are tieing a correlation between Blizzards business practice and them being hacked

No, I'm not. Please stop trying to insinuate that you know what I'm saying better than I do. I'm the one who said it, so I think I'd know better than you what I was actually saying. >_>

Here, I'll break it down for you so that it's easier to understand.

CriticKitten:
Remember back when Blizzard was trying to convince us that turning Diablo 3 into a game that relied heavily on Always-On DRM would make the game more secure from hackers? And remember how they told us that Battle.net was just so secure and that there was no way that hackers could get in and interfere with your gameplay, even as numerous people reported that accounts were being hacked and relieved of items in Diablo 3?

Note that I make a direct reference to their claims that the Always-On DRM of Diablo 3 would "prevent hacking", and their subsequent denial of the hacking claims from countless players.

I am very directly making a statement that Blizzard's claims of Battle.net being able to prevent hacking of Diablo 3 accounts were obviously false, and using this article and the previous hacking incident as my evidence. They had already been proven false in the past when hackers stole dozens of accounts months ago. This hack only further proves that they were foolish to claim that their system would provide better security from hackers when there is obviously no evidence of this.

I actually make very clear in my original post. I'll bold the key part for emphasis:

While I don't normally wish harm upon anyone and I feel very sorry for the poor gamers who has entrusted Blizzard with their information, I have to be honest: Blizzard deserves every last bit of this. They were the ones boldly proclaiming that Diablo 3 was the next step in hacker-free gaming, arrogantly presuming that their Battle.net system could not be hacked, and using the DRM as a platform to make more money through the Auction House. This is what kills good studios: steps towards money and away from quality.

I made the claim that Diablo 3's DRM was defended by Blizzard as an anti-hacking measure (which is true) and I'm pointing out that this article and the previous incident clearly prove that Blizzard's claims of "greater security" are fabrications.

You just read what you wanted to read, instead of what I actually wrote.

Draech:
In other words when I point out the correlation does not = causation by pointing to other service with different business practices that also got hacked.

Not a strawman.

Not an argument you didn't setup that I tried to knock down. Your argument. That I knocked down.

No, you knocked down a complete straw-man. One that you yourself fabricated because you didn't understand what my post said. When you're ready to actually discuss my real point, let me know. Until then, I'm going to ignore you. I have no interest in a meaningless argument of semantics and meaning with someone who doesn't have a leg to stand on. What's amusing is that you're already trying to deviate the topic away from Blizzard and onto me. I assume you think I didn't notice, but I did. You aren't defending Blizzard any more, you're just trying to attack me. And I'm not going to humor you any longer if you don't get back on topic.

And now you are miss representing articles.

Maybe you should read the article. None of the quotes actually talk about account hacking. Item Duping is the closest you get to anything remotely about it. In other words you made up your own evidence that Blizzard boldly said they could prevent hacking.

Yeah I am just misunderstanding you.... No you are purposely riling people up trying to make a correlation between a business you dont like and it getting hacked.

Draech:
-snip-

So I'll take that as a no. I guess it was expecting far too much of you to actually believe that you'd return to talking about Blizzard instead of resorting to a pathetic ad hominem.

Consider your arguments summarily ignored.

CriticKitten:

Draech:
-snip-

So I'll take that as a no. I guess it was expecting far too much of you to actually believe that you'd return to talking about Blizzard instead of resorting to a pathetic ad hominem.

Consider your arguments summarily ignored.

Until you show me an article with them

CriticKitten:
They were the ones boldly proclaiming that Diablo 3 was the next step in hacker-free gaming, arrogantly presuming that their Battle.net system could not be hacked

Then you dont have an argument.

Your article link still doesn't talk about account hacking. The closest you have is:

"would never guarantee that we're never going to have [cheating and duplication] in Diablo 3," he said. "But it's one of the things that our community has been the most vocal about, wanting this fixed, and if we essentially are putting the server out there ... we're not really going to be able to do better than Diablo 2."

Damm that is bold! Esspecially the No guarantee!

I did edit out my ad hominum thou. That was uncalled for. Thou You are the one using a strawman here. Blizzard never took the position you are refuting. That is a strawman.

If you are not making a correlation between their business practices then why bring them into an argument about the hacking? Are you just picking them up because you saw an oppotunity to change the subject from the hacking and into Blizzards business practise sucking? You going to deny you brought them in?

Yeah its better you ignore me.

The picture chosen is perfect.

Ticus: "hell... it's about..time"

Loop Stricken:

Harbinger_:
So we just hear about this now? I mean it's almost the 10th. Thats nearly a week that they decided not to mention anything.

Would you prefer a news conference every time a company notices something erroneous, so we call all flip our collective shits until they realise it really wasn't anything at all?
And then when it IS something, we can all roll our eyes at the announcement and bitch at them for their constant scaremongering!

... I think someone could write a story out of this, but maybe make it a bit more low-tech. Instead of hacked servers, maybe... ooh, maybe a wolf could show up and eat some sheep...

I would prefer a company as large as Blizzard or Sony to actually come out and speak to it's clients within 24 hours of them discovering whats going on. The fact that personal information was stolen is actually important. Even telling them, "Hey someone hacked our stuff, we don't really know whats been grabbed yet, we'll keep you up to date." would have sufficed.

Also could you be anymore of a jerk about this?

Harbinger_:

Also could you be anymore of a jerk about this?

I could absolutely be more of a jerk about this.

You don't know how long it took them to discover what had been compromised. It could well have been less than 24 hours after this discovery that the public statement was released.
They could've sat on it for an entire week, for whatever reasons they have.
They could've not told you at all.

Am I defending Blizzard? Eh, kinda. I hope, however, that I'm coming off as a more level-headed and rational individual not pouring petrol over every Blizzard employee and waving my lighter about for the perceived slight they inflicted upon me by not telephoning me within 30sec notifying me that there might be a problem.

Loop Stricken:

Harbinger_:

Also could you be anymore of a jerk about this?

I could absolutely be more of a jerk about this.

You don't know how long it took them to discover what had been compromised. It could well have been less than 24 hours after this discovery that the public statement was released.
They could've sat on it for an entire week, for whatever reasons they have.
They could've not told you at all.

Am I defending Blizzard? Eh, kinda. I hope, however, that I'm coming off as a more level-headed and rational individual not pouring petrol over every Blizzard employee and waving my lighter about for the perceived slight they inflicted upon me by not telephoning me within 30sec notifying me that there might be a problem.

And all I said is that from the time that it was discovered to the time they told us was a week. You seem to be assuming that I'm doing alot of gas pouring especially with the price of it these days. I work in technical support. If something gets hacked or something breaks we tell people as soon as we can, even if it's just 'something's wrong, we'll let you know more as we find out.'

Harbinger_:

Loop Stricken:

Harbinger_:

Also could you be anymore of a jerk about this?

I could absolutely be more of a jerk about this.

You don't know how long it took them to discover what had been compromised. It could well have been less than 24 hours after this discovery that the public statement was released.
They could've sat on it for an entire week, for whatever reasons they have.
They could've not told you at all.

Am I defending Blizzard? Eh, kinda. I hope, however, that I'm coming off as a more level-headed and rational individual not pouring petrol over every Blizzard employee and waving my lighter about for the perceived slight they inflicted upon me by not telephoning me within 30sec notifying me that there might be a problem.

And all I said is that from the time that it was discovered to the time they told us was a week. You seem to be assuming that I'm doing alot of gas pouring especially with the price of it these days. I work in technical support. If something gets hacked or something breaks we tell people as soon as we can, even if it's just 'something's wrong, we'll let you know more as we find out.'

Does your technical support involve billing?
Is it your company policy to unduly worry millions of paying customers every time there's a glitch in the system, thus undermining their faith in your capabilities?

Loop Stricken:

Harbinger_:

Loop Stricken:

I could absolutely be more of a jerk about this.

You don't know how long it took them to discover what had been compromised. It could well have been less than 24 hours after this discovery that the public statement was released.
They could've sat on it for an entire week, for whatever reasons they have.
They could've not told you at all.

Am I defending Blizzard? Eh, kinda. I hope, however, that I'm coming off as a more level-headed and rational individual not pouring petrol over every Blizzard employee and waving my lighter about for the perceived slight they inflicted upon me by not telephoning me within 30sec notifying me that there might be a problem.

And all I said is that from the time that it was discovered to the time they told us was a week. You seem to be assuming that I'm doing alot of gas pouring especially with the price of it these days. I work in technical support. If something gets hacked or something breaks we tell people as soon as we can, even if it's just 'something's wrong, we'll let you know more as we find out.'

Does your technical support involve billing?
Is it your company policy to unduly worry millions of paying customers every time there's a glitch in the system, thus undermining their faith in your capabilities?

Dude, I work for a gaming company. I do tech support, billing, customer complaints, you name it. If there is a problem with just one person's account obviously we aren't going to tell every customer. But if something is server wide, we tell everyone. People get upset when they don't know whats going on.

Harbinger_:

Loop Stricken:

Harbinger_:

And all I said is that from the time that it was discovered to the time they told us was a week. You seem to be assuming that I'm doing alot of gas pouring especially with the price of it these days. I work in technical support. If something gets hacked or something breaks we tell people as soon as we can, even if it's just 'something's wrong, we'll let you know more as we find out.'

Does your technical support involve billing?
Is it your company policy to unduly worry millions of paying customers every time there's a glitch in the system, thus undermining their faith in your capabilities?

Dude, I work for a gaming company. I do tech support, billing, customer complaints, you name it. If there is a problem with just one person's account obviously we aren't going to tell every customer. But if something is server wide, we tell everyone. People get upset when they don't know whats going on.

I suppose it's a good job Blizzard sent out that press release then, isn't it?

And here I thought things like Diablo 3's always-on DRM were supposed to protect like threats like this, and that they were TOTALLY worth the hassle invovled...

Bravo Blizzard. I'm so glad that I stopped giving you my money.

Kross:

Beautiful End:
Eh, I don't play Blizzard games. Nothing against them, I guess, but I'm just not a PC gamer.

However, I gotta say I'm glad. Hopefully they'll improve their security.
It might be a bit out of topic but I keep getting these emails from Blizzard saying my account was under investigation or something because of botting or scamming or whatever. I don't have a Blizzard account for the reason listed above! I keep trying to reply to them to tell them to gtfo but when I try to do so, it takes me to the official Blizzard customer support page and asks me to login to contact them.

It kind of defeats the purpose, you guys!

Not sure if you're joking/trolling, but those emails and websites aren't from Blizzard.

Oh, yeah. It looks like trolling.

I'm actually being serious. I mean, I know about scams and stuff. But this one seems pretty legit seeing as how it takes me directly to the Blizzard site (And with what purpose? So I could play a Blizzard game?). It's none of that "Your millionaire Blizzard account is waiting!" or "Blizzard is suing you so answer right now!". It just kinda warns me over and over again that my account might be banned.

Yeah, it looks like a bot or something but still...

Oh, no... I might have to go back to check if everything's all right on my account.

Loop Stricken:

Harbinger_:
So we just hear about this now? I mean it's almost the 10th. Thats nearly a week that they decided not to mention anything.

Would you prefer a news conference every time a company notices something erroneous, so we call all flip our collective shits until they realise it really wasn't anything at all?
And then when it IS something, we can all roll our eyes at the announcement and bitch at them for their constant scaremongering!

... I think someone could write a story out of this, but maybe make it a bit more low-tech. Instead of hacked servers, maybe... ooh, maybe a wolf could show up and eat some sheep...

email addresses, personal security question answers, mobile authenticator information and cryptographically scrambled Battle.net passwords is not your typical hack.

CrossLOPER:

Bibliotek:
Cant believe how some people celebrate blizz being hacked as a good thing. You know who gets hurt by this? The customers who get their info stolen, not blizz. Blizz will, like any other company, just ride this off. Youre celebrating that some guy trying to have fun with a game (that I guess you dont like) gets personal info (and maybe money) stolen from him.

Grow the fuck up.

And no, Im not a victim of this hacking (live in europe).

Hey you know what might help? NOT MAKING ME START ANOTHER ONLINE ACCOUNT JUST TO A GAME WITH THE INTENTION OF SIPHONING MONEY AWAY WITH AN AUCTION HOUSE.

They had years and this is what they came up with. Massive security gaps around a honeypot that confers no benefits to anyone but the hackers. This wouldn't have been a damn problem if they just had a single player free of the online component.

"but it's the hacker's fault... the hackers did this"

Yeah well glad they solved that problem. Oh wait.

How is this relevant to anything I wrote?

Your reply got nothing to do with the content of my post :D

But yeh, if youre chugging for my approval: I agree with you. Blizz tried to keep the game balanced and hack free with always online DRM (we see how well that worked out, hurr hurr hurr), and forgot that it was also going to be fun. I mean, its still a fun game, but it could have been a blast.

Bibliotek:

How is this relevant to anything I wrote?

Your reply got nothing to do with the content of my post :D

But yeh, if youre chugging for my approval: I agree with you. Blizz tried to keep the game balanced and hack free with always online DRM (we see how well that worked out, hurr hurr hurr), and forgot that it was also going to be fun. I mean, its still a fun game, but it could have been a blast.

Rampant security flaws for a "paid freemium" title are not something you "ride off".

Also, this game is literally a chore.

CrossLOPER:

Bibliotek:

How is this relevant to anything I wrote?

Your reply got nothing to do with the content of my post :D

But yeh, if youre chugging for my approval: I agree with you. Blizz tried to keep the game balanced and hack free with always online DRM (we see how well that worked out, hurr hurr hurr), and forgot that it was also going to be fun. I mean, its still a fun game, but it could have been a blast.

Rampant security flaws for a "paid freemium" title are not something you "ride off".

Also, this game is literally a chore.

Ah, now youre actually posting regarding something I wrote (although it was from my previous post, not this one)! Kudos!

The new WoW-expansion (release 25.sept.) will be a great meter to check how bad this has hit blizz' reputation. I estimate it wont affect the sales anything noteworthy. I would deem that "riding it off"

*captcha: "yee haw"... the sound of blizz riding it off I guess :D

Beautiful End:
I'm actually being serious. I mean, I know about scams and stuff. But this one seems pretty legit seeing as how it takes me directly to the Blizzard site (And with what purpose? So I could play a Blizzard game?). It's none of that "Your millionaire Blizzard account is waiting!" or "Blizzard is suing you so answer right now!". It just kinda warns me over and over again that my account might be banned.

Yeah, it looks like a bot or something but still...

Ahh, next time you see one of those emails, check the actual url it is sending you to, there's a good chance the domain is not actually battle.net

One of the more effective phishing techniques is to send you to a legitimate looking login page, along with a reason for you to try and log in to your account (and now the scammers have your login info). Blizzard contacting you will typically have all the relevant information in the email itself, which is likely tied to an email based ticket system.

Bibliotek:

The new WoW-expansion (release 25.sept.) will be a great meter to check how bad this has hit blizz' reputation. I estimate it wont affect the sales anything noteworthy. I would deem that "riding it off"

I forgot the type people we are dealing with.

You know what? Go ahead, Blizzombies. You like this shit? Go on.

Continue to rot.

CrossLOPER:

Bibliotek:

The new WoW-expansion (release 25.sept.) will be a great meter to check how bad this has hit blizz' reputation. I estimate it wont affect the sales anything noteworthy. I would deem that "riding it off"

I forgot the type people we are dealing with.

You know what? Go ahead, Blizzombies. You like this shit? Go on.

Continue to rot.

Haha, cute :D

Not possible to keep a conversation with a person who only reads what he wants to read, instead of what actually stands there.

Keep on raging and hating my friend, it will bring you happiness and prosperity!

Kross:

Beautiful End:
I'm actually being serious. I mean, I know about scams and stuff. But this one seems pretty legit seeing as how it takes me directly to the Blizzard site (And with what purpose? So I could play a Blizzard game?). It's none of that "Your millionaire Blizzard account is waiting!" or "Blizzard is suing you so answer right now!". It just kinda warns me over and over again that my account might be banned.

Yeah, it looks like a bot or something but still...

Ahh, next time you see one of those emails, check the actual url it is sending you to, there's a good chance the domain is not actually battle.net

One of the more effective phishing techniques is to send you to a legitimate looking login page, along with a reason for you to try and log in to your account (and now the scammers have your login info). Blizzard contacting you will typically have all the relevant information in the email itself, which is likely tied to an email based ticket system.

Ah, thanks. I have seen those sites/links somewhere else. I honestly don't remember if it was Battle.net or not but it looked pretty legit. That must be it, though.
At any rate, they kept bugging me so much that I blocked it...although now I'm getting SWTOR spam messages. So I'll keep it in mind! Thanks!

Bibliotek:
Haha, cute :D

Not possible to keep a conversation with a person who only reads what he wants to read, instead of what actually stands there.

Keep on raging and hating my friend, it will bring you happiness and prosperity!

It's pity, not rage.

In addition, apply your own advice with regards to reading comprehension towards yourself.

 Pages PREV 1 2 3

Reply to Thread

Log in or Register to Comment
Have an account? Login below:
With Facebook:Login With Facebook
or
Username:  
Password:  
  
Not registered? To sign up for an account with The Escapist:
Register With Facebook
Register With Facebook
or
Register for a free account here