Blizzard Sued Over Battle.net Authenticators

 Pages PREV 1 2 3 4 NEXT
 

acosn:
9/10ths of this isn't a case. Blizzard isn't responsible for the ineptitude of it's user base when it comes to computer security

Sadly, if this trial takes place in American courts (as I assume it will) this statement will be shown as false. American courts have proven time and time again that they hold companies responsible for the stupidity of their customers.

2 girls successfully sued McDonalds because - after eatting there 3 times a day for years - they became morbidly obese. They claimed that they didn't know the food was bad for them, apparently failing to realize that fat cooked in fat would contain fat.

A man successfully sued his local water company when he burned his genitals after stepping into the shower.

America is a country where a burglar can break into someone's home while they're asleep, slip and break his leg in the kitchen, and sue the homeowner and win.

I want Blizzard to lose this one just because I don't like the company in general, but even I admit this is a frivilous lawsuit...doesn't mean the American courts won't side with the plantif though.

Everyone knows that battlenet is about as secure as a screen door, The fact that blizzard profits from terrible security is a slap in the face. it's like paying thugs for protection money.

Blizzard may have big lawyers but the fact remains that raking stupid people of the coals because they are unaware that people out there are out to get their information seems pretty cruel. It makes me ill sometimes the way some software company's pad their profits. Bully for creative thinking but boo on being a decent human being.

Merlark:
Everyone knows that battlenet is about as secure as a screen door, The fact that blizzard profits from terrible security is a slap in the face. it's like paying thugs for protection money.

Blizzard may have big lawyers but the fact remains that raking stupid people of the coals because they are unaware that people out there are out to get their information seems pretty cruel. It makes me ill sometimes the way some software company's pad their profits. Bully for creative thinking but boo on being a decent human being.

How exactly do they profit from the terrible security? If people are getting turned off by their security then they wont be buying their games, so blizzard won't be making money, I'm confused.

RoBi3.0:

gmaverick019:

RoBi3.0:

It is risk free behavior because it is not against the law in most places (if any) to steal virtual gold. Blizzard makes people jump through plenty of hoops I have had to call them to get my account unlocked before because I logged on to WoW while across the country on business they noticed the unusual activity and locked my account until I could prove I was me.

okay yeah, it isn't illegal, but that doesn't discern the fact that the person is a douche, if you spent alot of work doing an awesome (and i mean fuckin awesome) side walk chalk drawing for days and someone came by and ruined it via whatever reason, wouldn't you be pretty pissed? they didn't do anything illegal, but they were definitely a douchebag.

fair enough, I just don't see why they don't do that universally for the battle.net accounts, (hate to use steam again, but it works folks) they should make you go through the e-mail via a code you get anytime you log on to a new computer, so your account/game stays safe from hackers that way, and if they can hack both your e-mail and your game account, then yeah, you're either doing something very wrong or they are physically at/by your computer getting the info.

Will you please explain to me what of value you can get from a Steam account that you can then turn around and sale. Cause I still don't understand why you think steam is similar to Blizzards situation. Simple put how would you monetized hacked Steam accounts in away that it would compare to the profit of hacking WoW accounts. Every WoW has gold not every steam account has stuff setting in its inventory waiting to be stolen. Steam isn't doing anything special.

once again, i wasn't pointing out the fiscal value, i have no idea why you're latching onto again now, but if you really want SOME reason for a steam account, it is as simple as using it for tf2 and key farming, as steam keeps your credit card details on hand for fast/easy buying (just went and double checked to make sure)

also, once again, i don't use wow, nor have ever touched it, yet my account was hacked faster than i even had a chance to beat D3, which is why i was talking about my explicit case. Steam isn't doing anything special?

image

I explicitly explained that steams method was much better than what battle.net does, otherwise my account would've been fine. It has nothing to do with what they COULD take, it is HOW they could take it.

I've played for 6 years without an authenticator, and never once had my account compromised.

mcattack92:
There is a free iOS and Android authenticator app made by Blizzard which you link it to your account so I don't see why they are suing over requiring to pay more to secure their data. It does the exact same thing the physical ones do.

http://itunes.apple.com/au/app/battle.net-mobile-authenticator/id306862897?mt=8
https://play.google.com/store/apps/details?id=com.blizzard.bma&hl=en

The only ones who should be crying are the ones without an Android or iOS device.

Quick point though, it's out for HTC and Windows 7 phones as well.

All in all though, in all the 6+ years I've been playing, I've never been hacked, with our without my authenticator. I got it for my ipod touch first, then for my htc surround, and I've never had any problems. I find that alot of the times it's their own fault if they get hacked, but hey, i guess that's just me right?

Crono1973:
I think Steam is pretty big too, never had any type of problems with them. Bank of America is pretty damn big too but once again, no problems with them.

Blizzard wants to force every game online as a DRM measure but they lack the ability to protect the accounts without an authenticator.

You're comparing apples and oranges. Steam doesn't have as many problems with people's accounts getting hacked (if any) because there's nothing you can do with someone's account. I guess you can fish through their gifts to see if there's anything in there, but even then there's no money to be made. Few people buy games from other people via Steam, usually they just trade with other people who have games they can gift. And a bank doesn't deal in virtual product at all. A hacker could do some damage, I suppose, but it'd be temporary at best. On that, the bank has a LOT of laws to protect its own ass, where games don't.

WhiteTigerShiro:

Crono1973:
I think Steam is pretty big too, never had any type of problems with them. Bank of America is pretty damn big too but once again, no problems with them.

Blizzard wants to force every game online as a DRM measure but they lack the ability to protect the accounts without an authenticator.

You're comparing apples and oranges. Steam doesn't have as many problems with people's accounts getting hacked (if any) because there's nothing you can do with someone's account. I guess you can fish through their gifts to see if there's anything in there, but even then there's no money to be made. Few people buy games from other people via Steam, usually they just trade with other people who have games they can gift. And a bank doesn't deal in virtual product at all. A hacker could do some damage, I suppose, but it'd be temporary at best. On that, the bank has a LOT of laws to protect its own ass, where games don't.

Yeah, just keep making excuses for the fact that Blizzard has more security issues than most.

The authenticators are available for purchase for anyone who doesn't already have a smartphone or iPod touch to run the authenticator on, regardless; using a unique password, that you keep secure, will always be better than additional security.

This just sounds to me like a case of butt-hurt by someone who probably responded to those emails from yahoo claiming that they are Blizzard and you are trying to sell your Diablo III account.

gmaverick019:

RoBi3.0:

gmaverick019:

okay yeah, it isn't illegal, but that doesn't discern the fact that the person is a douche, if you spent alot of work doing an awesome (and i mean fuckin awesome) side walk chalk drawing for days and someone came by and ruined it via whatever reason, wouldn't you be pretty pissed? they didn't do anything illegal, but they were definitely a douchebag.

fair enough, I just don't see why they don't do that universally for the battle.net accounts, (hate to use steam again, but it works folks) they should make you go through the e-mail via a code you get anytime you log on to a new computer, so your account/game stays safe from hackers that way, and if they can hack both your e-mail and your game account, then yeah, you're either doing something very wrong or they are physically at/by your computer getting the info.

Will you please explain to me what of value you can get from a Steam account that you can then turn around and sale. Cause I still don't understand why you think steam is similar to Blizzards situation. Simple put how would you monetized hacked Steam accounts in away that it would compare to the profit of hacking WoW accounts. Every WoW has gold not every steam account has stuff setting in its inventory waiting to be stolen. Steam isn't doing anything special.

once again, i wasn't pointing out the fiscal value, i have no idea why you're latching onto again now, but if you really want SOME reason for a steam account, it is as simple as using it for tf2 and key farming, as steam keeps your credit card details on hand for fast/easy buying (just went and double checked to make sure)

also, once again, i don't use wow, nor have ever touched it, yet my account was hacked faster than i even had a chance to beat D3, which is why i was talking about my explicit case. Steam isn't doing anything special?

image

I explicitly explained that steams method was much better than what battle.net does, otherwise my account would've been fine. It has nothing to do with what they COULD take, it is HOW they could take it.

Aren't you cute you busted of a meme.

Fiscal value has everything to do with the frequency as to why Blizzard accounts get hacked over Steam accounts. Just so you know D3 has gold in it that can be stolen and turned into cash in the same manner as the gold in WoW. You don't seem to understand the fundamental reason why D3 and WoW accounts are hacked. It is not about a dick hole hacking into your account to destroy your chalk art for the sake of being an asshole. It is a business (albeit one where you have to be an asshole) and if there is no way to turn a profit there is no reason to hack an account.

Nothing is hack proof. If there were a way to turn hacked Steam accounts into a profitable business I guarantee that some one would find away to break Steam security and go to town.

Also wasn't Steam hacked a few month back, I remember having to change my password.

Google says! YES!

http://www.joystiq.com/2012/02/10/gabe-newell-updates-users-on-the-steam-hack/

So would you care to explain to me again how Steam does stuff better then anyone else.

Don't see this going anywhere. As far as I know, Blizzard security without the authenticator is more or less what any service has, and the authenticator is just extra, not required.

faefrost:
Snip

I totally understand that if someone decides to be a regular internet user, then they have the responsibility of making sure that they're secure. It's incredibly easy to find 1 or more programs that practically take care of it for you if you don't click every link in your e-mail.

That said, Blizzard does have some responsibility of ensuring that the data they hold of yours is secure as well. Because they do get hacked, independently of what passwords people use or whether they keep viruses/malware off of their computer. Here's some sauce about that:

http://www.gamespot.com/news/blizzard-confirms-battlenet-hacked-6391135
http://www.computerandvideogames.com/362286/blizzard-hacked-battlenet-data-stolen/

Links even state that the authenticators themselves were compromised. I feel personally that user and company are both obliged to secure their respective data. That said, I understand the argument totally that "if you need an authenticator at all, then it's a fail on your part." But the point here is that this isn't the whole picture. Before this became an issue, it isn't made clear before sale that you NEED the authenticator to take place in the RMAH. It would be different if someone got hacked and you pointed and said "well that's your fault, you don't keep viruses out of your computer/didn't buy an authenticator." This is being blocked from a major focus of the game whether you take precautions or not.

Granted, I don't have a smartphone or anything that runs "apps" that don't execute with sh or .exe. And I will admit that I'm still bitter about the whole thing. I'd need to spend an extra 6 bucks to plug in a USB stick in order to forcibly play Diablo online alone or otherwise, if I want to make money off of my non-MMO online game. I don't like the whole idea of Diablo being an RL money making venture, it just strikes me as them deciding to move the black market in-house and profit off of it continuing to happen. That aside, I apologize if that whole mindset causes me to be biased about this.

RoBi3.0:

gmaverick019:

RoBi3.0:

Will you please explain to me what of value you can get from a Steam account that you can then turn around and sale. Cause I still don't understand why you think steam is similar to Blizzards situation. Simple put how would you monetized hacked Steam accounts in away that it would compare to the profit of hacking WoW accounts. Every WoW has gold not every steam account has stuff setting in its inventory waiting to be stolen. Steam isn't doing anything special.

once again, i wasn't pointing out the fiscal value, i have no idea why you're latching onto again now, but if you really want SOME reason for a steam account, it is as simple as using it for tf2 and key farming, as steam keeps your credit card details on hand for fast/easy buying (just went and double checked to make sure)

also, once again, i don't use wow, nor have ever touched it, yet my account was hacked faster than i even had a chance to beat D3, which is why i was talking about my explicit case. Steam isn't doing anything special?

image

I explicitly explained that steams method was much better than what battle.net does, otherwise my account would've been fine. It has nothing to do with what they COULD take, it is HOW they could take it.

Aren't you cute you busted of a meme.

Fiscal value has everything to do with the frequency as to why Blizzard accounts get hacked over Steam accounts. Just so you know D3 has gold in it that can be stolen and turned into cash in the same manner as the gold in WoW. You don't seem to understand the fundamental reason why D3 and WoW accounts are hacked. It is not about a dick hole hacking into your account to destroy your chalk art for the sake of being an asshole. It is a business (albeit one where you have to be an asshole) and if there is no way to turn a profit there is no reason to hack an account.

Nothing is hack proof. If there were a way to turn hacked Steam accounts into a profitable business I guarantee that some one would find away to break Steam security and go to town.

Also wasn't Steam hacked a few month back, I remember having to change my password.

Google says! YES!

http://www.joystiq.com/2012/02/10/gabe-newell-updates-users-on-the-steam-hack/

So would you care to explain to me again how Steam does stuff better then anyone else.

okay how many times do i need to say this to you? I was not arguing the fiscal value, any child with a single brain cell can understand that hacking a battle net account is much more worth anything, i was never arguing against that.

and I never once said steam was hackproof, nor was I trying to prove that it was hackproof, I was merely stating it's security was better for me, as a user, by making every user verify through their e-mail everytime they use a new computer, so when my battle.net account was hacked, that simple piece of security would've stopped them dead in their tracks until they also hacked my e-mail account.

you started the quote/attack war, so would you please stay on topic to what I was discussing, and stop bringing up shit that I wasn't arguing in the first place.

gmaverick019:

RoBi3.0:

gmaverick019:

once again, i wasn't pointing out the fiscal value, i have no idea why you're latching onto again now, but if you really want SOME reason for a steam account, it is as simple as using it for tf2 and key farming, as steam keeps your credit card details on hand for fast/easy buying (just went and double checked to make sure)

also, once again, i don't use wow, nor have ever touched it, yet my account was hacked faster than i even had a chance to beat D3, which is why i was talking about my explicit case. Steam isn't doing anything special?

image

I explicitly explained that steams method was much better than what battle.net does, otherwise my account would've been fine. It has nothing to do with what they COULD take, it is HOW they could take it.

Aren't you cute you busted of a meme.

Fiscal value has everything to do with the frequency as to why Blizzard accounts get hacked over Steam accounts. Just so you know D3 has gold in it that can be stolen and turned into cash in the same manner as the gold in WoW. You don't seem to understand the fundamental reason why D3 and WoW accounts are hacked. It is not about a dick hole hacking into your account to destroy your chalk art for the sake of being an asshole. It is a business (albeit one where you have to be an asshole) and if there is no way to turn a profit there is no reason to hack an account.

Nothing is hack proof. If there were a way to turn hacked Steam accounts into a profitable business I guarantee that some one would find away to break Steam security and go to town.

Also wasn't Steam hacked a few month back, I remember having to change my password.

Google says! YES!

http://www.joystiq.com/2012/02/10/gabe-newell-updates-users-on-the-steam-hack/

So would you care to explain to me again how Steam does stuff better then anyone else.

okay how many times do i need to say this to you? I was not arguing the fiscal value, any child with a single brain cell can understand that hacking a battle net account is much more worth anything, i was never arguing against that.

and I never once said steam was hackproof, nor was I trying to prove that it was hackproof, I was merely stating it's security was better for me, as a user, by making every user verify through their e-mail everytime they use a new computer, so when my battle.net account was hacked, that simple piece of security would've stopped them dead in their tracks until they also hacked my e-mail account.

you started the quote/attack war, so would you please stay on topic to what I was discussing, and stop bringing up shit that I wasn't arguing in the first place.

Whats a matter? U mad Bro?

Just because you have experienced more security issues on battle.net then on Steam does not equal Steam has better over all security that is antidote evidence at best.

Blizzard does its users a solid by offering authenticators at a price that prevents them from profiting from promoting user security. They get sued.

Fuck these guys

Baneat:
Blizzard does its users a solid by offering authenticators at a price that prevents them from profiting from promoting user security. They get sued.

Fuck these guys

Those authenticators are exactly the same as the ones the banks give to you for free, just in a fancy case. There is no reason they couldn't include one in boxed copies of their games.

RoBi3.0:

Whats a matter? U mad Bro?

Just because you have experienced more security issues on battle.net then on Steam does not equal Steam has better over all security that is antidote evidence at best.

Since you clearly aren't discussing my points and choose to give immature child responses, I'll just stop after this response.

Please tell me how steams e-mail authenticator for new computer usage would not be good to implement something similar for battle.net accounts.

Once again, in some of my original posts, not once did I hold up steam as a beacon of ultimate security, but that one single security measure would have prevented many accounts from being hacked, which has been my point throughout all these posts, unless you're going to tell me that it would be harder to implement then authenticators.

Don't typically root for the money grubbing lawyers but I'll make an exception here. The whole Authenticator thing fails the smell test. Rather than make the log in process more secure, they sell victims... er, customers, authenticators instead.

Get them, jackal lawyers. Tear them limb from limb!

Crono1973:

WhiteTigerShiro:

Crono1973:
I think Steam is pretty big too, never had any type of problems with them. Bank of America is pretty damn big too but once again, no problems with them.

Blizzard wants to force every game online as a DRM measure but they lack the ability to protect the accounts without an authenticator.

You're comparing apples and oranges. Steam doesn't have as many problems with people's accounts getting hacked (if any) because there's nothing you can do with someone's account. I guess you can fish through their gifts to see if there's anything in there, but even then there's no money to be made. Few people buy games from other people via Steam, usually they just trade with other people who have games they can gift. And a bank doesn't deal in virtual product at all. A hacker could do some damage, I suppose, but it'd be temporary at best. On that, the bank has a LOT of laws to protect its own ass, where games don't.

Yeah, just keep making excuses for the fact that Blizzard has more security issues than most.

Actually, no, they don't. You know how Steam's forums were hacked? The PSN hack? Even Nintendo and I think Microsoft have had their services hacked. Heck, I even got an email one day from the Bioware forums telling me that I should change my passwords. Damn near everyone has had their own services attacked in this manner; except for Blizzard. Pretty much every time someone's account is hacked in WoW or D3 it's because the client (aka: the player) allowed a keylogger onto their system, or went to a third party site where they provided their password, or did some other stupid thing that allowed the farmers to get onto their account.

So explain to me how it's Blizzard's fault when you give your username and password to someone else? To say that "Blizzard has more security issues" is like Mac users bragging about how the iOS is "hack-proof" and impossible to design viruses for.

gmaverick019:

RoBi3.0:

Whats a matter? U mad Bro?

Just because you have experienced more security issues on battle.net then on Steam does not equal Steam has better over all security that is antidote evidence at best.

Since you clearly aren't discussing my points and choose to give immature child responses, I'll just stop after this response.

Please tell me how steams e-mail authenticator for new computer usage would not be good to implement something similar for battle.net accounts.

Once again, in some of my original posts, not once did I hold up steam as a beacon of ultimate security, but that one single security measure would have prevented many accounts from being hacked, which has been my point throughout all these posts, unless you're going to tell me that it would be harder to implement then authenticators.

First off you are the one that thought it was cute to post memes I returned the favor.

Second, I know I am fixing to point out the painfully obvious, but do you know what else would have stopped your D3 hacker dead in their tracks?..... An authenticator you know that thing blizzard offer to people for free if they have a smartphone or tablet and at cost for those who don't. Hell up until a few months ago they offered phone in authenicator service that could be used on that any phone smart or not. They discontinued the service cause hardly anyone used it. I would also like to point out that an authenticator is by far more effective then e-mail verification cause as you pointed out if your e-mail compromised that feature might as well not be there. Since keyloggers are employed frequently in blizzard hacks I think it is safe to say maybe your e-mail would be compromised as well. Authenticators are not so easily compromised, and therefore more effective.

RoBi3.0:

gmaverick019:

RoBi3.0:

Whats a matter? U mad Bro?

Just because you have experienced more security issues on battle.net then on Steam does not equal Steam has better over all security that is antidote evidence at best.

Since you clearly aren't discussing my points and choose to give immature child responses, I'll just stop after this response.

Please tell me how steams e-mail authenticator for new computer usage would not be good to implement something similar for battle.net accounts.

Once again, in some of my original posts, not once did I hold up steam as a beacon of ultimate security, but that one single security measure would have prevented many accounts from being hacked, which has been my point throughout all these posts, unless you're going to tell me that it would be harder to implement then authenticators.

First off you are the one that thought it was cute to post memes I returned the favor.

Second, I know I am fixing to point out the painfully obvious, but do you know what else would have stopped your D3 hacker dead in their tracks?..... An authenticator you know that thing blizzard offer to people for free if they have a smartphone or tablet and at cost for those who don't. Hell up until a few months ago they offered phone in authenicator service that could be used on that any phone smart or not. They discontinued the service cause hardly anyone used it. I would also like to point out that an authenticator is by far more effective then e-mail verification cause as you pointed out if your e-mail compromised that feature might as well not be there. Since keyloggers are employed frequently in blizzard hacks I think it is safe to say maybe your e-mail would be compromised as well. Authenticators are not so easily compromised, and therefore more effective.

because you were being an unnecessary smart ass, Instead of discussing what I was talking about.

Do I have to point out the painfully obvious, is that not everyone has a smartphone or tablet? (Such as myself) Buying something extra for a game that I have zero interaction with anyone else should not be required, ever, and is just plain lazy that I would have to purchase something extra for it.

I'm not arguing that an authenticator is not more effective, I never once said that, so please stop pointing it out when I have not ONCE ARGUED IT. but is it free for me? no it is not, which is why I pointed to steam's e-mail authenticator as a better solution for the basic security. Blizzard might/probably does have better server side security, but steam has yet to fail me on the user side of it, as others had mentioned as well.

Aeshi:

If you have a mobile phone it is free, to my knowledge you only have to pay if you want the authenticator stick (basically a small USB stick with the authenticator on it) and I think even then you pay for the hardware more than the program on it.

I'm just curious: do they advertise this? The reason I ask is the assertion from the suit is more or less that they don't really tell people about it until after the fact.

Which would also beg the question as to why they don't just package the technology, but I don't know enough about this situation.

It's official, blizzard are rating at a 0.7 EA units of corporate evilness.

gmaverick019:

RoBi3.0:

gmaverick019:

Since you clearly aren't discussing my points and choose to give immature child responses, I'll just stop after this response.

Please tell me how steams e-mail authenticator for new computer usage would not be good to implement something similar for battle.net accounts.

Once again, in some of my original posts, not once did I hold up steam as a beacon of ultimate security, but that one single security measure would have prevented many accounts from being hacked, which has been my point throughout all these posts, unless you're going to tell me that it would be harder to implement then authenticators.

First off you are the one that thought it was cute to post memes I returned the favor.

Second, I know I am fixing to point out the painfully obvious, but do you know what else would have stopped your D3 hacker dead in their tracks?..... An authenticator you know that thing blizzard offer to people for free if they have a smartphone or tablet and at cost for those who don't. Hell up until a few months ago they offered phone in authenicator service that could be used on that any phone smart or not. They discontinued the service cause hardly anyone used it. I would also like to point out that an authenticator is by far more effective then e-mail verification cause as you pointed out if your e-mail compromised that feature might as well not be there. Since keyloggers are employed frequently in blizzard hacks I think it is safe to say maybe your e-mail would be compromised as well. Authenticators are not so easily compromised, and therefore more effective.

because you were being an unnecessary smart ass, Instead of discussing what I was talking about.

Do I have to point out the painfully obvious, is that not everyone has a smartphone or tablet? (Such as myself) Buying something extra for a game that I have zero interaction with anyone else should not be required, ever, and is just plain lazy that I would have to purchase something extra for it.

I'm not arguing that an authenticator is not more effective, I never once said that, so please stop pointing it out when I have not ONCE ARGUED IT. but is it free for me? no it is not, which is why I pointed to steam's e-mail authenticator as a better solution for the basic security. Blizzard might/probably does have better server side security, but steam has yet to fail me on the user side of it, as others had mentioned as well.

I wasn't going to point this out as you said you were done responding to me but since you did respond. I will further explain while e-mail verification is a stupid idea for battle.net accounts. Blizzard log in credentials use your e-mail address you know the one linked to your account the one that a e-mail verification would be sent to. If a hacker had your log in credentials he would have half of you e-mail credentials which essentially means all e-mail verification would be is a second password to get into your account. A password that could be gotten in roughly the same manner that a large majority of user information is gotten in Blizzard hacks. If a second password was actually an effective means of online security all online accounts would have 2 passwords.

Furthermore, you say Steam has never failed you client side, but refuse to listen to logically explanation has to why most hackers are not focusing hacking efforts on Steam accounts, because there is no profits in it.

I could park a beater Pinto station wagon next a custom Lamborghini and lock the doors of both cars. If one of the two cars is stolen there is a higher probability that the Lamborghini would be the one stolen and it wouldn't be because the the door locks on the Pinto were hard to get through. but you don't want to hear that cause it "isn't on topic". Steam is less likely to get hacked because it is a target less often. Plain and simple.

NLS:
It's optional. If you can't keep your own account safe, then you deserve it.

Many many Diablo 3 accounts were hacked without any virus, spyware, keyloggers, or other such programs installed in the host computer, Diablo 3 was vulnerable to brute force password hacking up until a "stealth patch" around 1.01b or so, addressed the issue and stopped it outright.

So, its not always the users fault.

gmaverick019:

NLS:
It's optional. If you can't keep your own account safe, then you deserve it.

oh right, because on diablo III, the fact that I never played with anyone and never have been hacked/phished before, means that i'll be 100% safe?

yeah right, try again, my account was stolen within a week and a half of having the game, and it was the biggest pain in the ass trying to get it back with blizzards stupid support, because you have to call in and their lines are either always flooded or they don't have anyone to help you at the moment.

Same here, first week, account hacked, everything taken...I got a rollback, but still, first week, actually...it was 4 days after purchase.

This was after going YEARS on WoW without security compromise, and I'm very careful about what I download and install.

mcattack92:
There is a free iOS and Android authenticator app made by Blizzard which you link it to your account so I don't see why they are suing over requiring to pay more to secure their data. It does the exact same thing the physical ones do.

http://itunes.apple.com/au/app/battle.net-mobile-authenticator/id306862897?mt=8
https://play.google.com/store/apps/details?id=com.blizzard.bma&hl=en

The only ones who should be crying are the ones without an Android or iOS device.

There are plenty of people who don't have smartphones, requiring them to pay more for extra security is stupid. I do a good job of keeping my information safe so I'm not exactly worried about not having one, but that doesn't mean something bad won't happen and someone won't get your info anyway, no matter what precautions you take.

RoBi3.0:

Will you please explain to me what of value you can get from a Steam account that you can then turn around and sale. Cause I still don't understand why you think steam is similar to Blizzards situation. Simple put how would you monetized hacked Steam accounts in away that it would compare to the profit of hacking WoW accounts. Every WoW has gold not every steam account has stuff setting in its inventory waiting to be stolen. Steam isn't doing anything special.

Hats. Vintage items. Anything else tradable in TF2, just off the top of my head.

Though wasn't there an article a while back that pointed out that the authenticator setup had already been cracked?

And as for the whole 'It's *always* the client's fault!'--all the client-side security in the world doesn't do a bit of good if the brats copy off the user and password files. Ask Sony about that one...and crackers are like cockroaches--if you spot one, there's probably at least a dozen more crawling around unseen.

Vulpis:

RoBi3.0:

Will you please explain to me what of value you can get from a Steam account that you can then turn around and sale. Cause I still don't understand why you think steam is similar to Blizzards situation. Simple put how would you monetized hacked Steam accounts in away that it would compare to the profit of hacking WoW accounts. Every WoW has gold not every steam account has stuff setting in its inventory waiting to be stolen. Steam isn't doing anything special.

Hats. Vintage items. Anything else tradable in TF2, just off the top of my head.

Though wasn't there an article a while back that pointed out that the authenticator setup had already been cracked?

And as for the whole 'It's *always* the client's fault!'--all the client-side security in the world doesn't do a bit of good if the brats copy off the user and password files. Ask Sony about that one...and crackers are like cockroaches--if you spot one, there's probably at least a dozen more crawling around unseen.

Yes, of course hats why didn't I think of that cause TF2 hats are on every Steam account and a hacker can get a guaranteed pay out even if it is a small one. I did think we were arguing non-client side security. [If we are I think you already stated that you figure blizzard has better security on their end].

Yes databases can be hacked and I don't think there is a game company of note that hasn't been hacked it happens. I don't believe I ever said hacks happen exclusively on the client side as that is obviously not the case. Most of my agreement thus far have been about client side hacks because that is what we have been talking about.

Also I have not heard anything about authenticators being cracked and I follow Blizzard news tightly, so if it had happened I would know about it. Maybe you are referring to a database hack that happened back in August where hackers accessed encrypted mobile authenticator serial numbers. These number are used to sync mobile authenticators to accounts. At best if the encryption was cracked hackers could have cloned authenticators, but this is easily countered by getting a new mobile authenticator number, which blizzard made everyone do. This incident is no where near cracking the authenticator system. So unless you can link a credible article about the authenticator system being cracked I am going to have to call BS on that point.

Edit: just realized you are not the person that has been arguing with me for the last day and half. Was responding from my phone which made your user name hard to read. Some of what I said does apply to you I will put it in brackets. I apologize for the confusion.

RoBi3.0:

gmaverick019:

RoBi3.0:

First off you are the one that thought it was cute to post memes I returned the favor.

Second, I know I am fixing to point out the painfully obvious, but do you know what else would have stopped your D3 hacker dead in their tracks?..... An authenticator you know that thing blizzard offer to people for free if they have a smartphone or tablet and at cost for those who don't. Hell up until a few months ago they offered phone in authenicator service that could be used on that any phone smart or not. They discontinued the service cause hardly anyone used it. I would also like to point out that an authenticator is by far more effective then e-mail verification cause as you pointed out if your e-mail compromised that feature might as well not be there. Since keyloggers are employed frequently in blizzard hacks I think it is safe to say maybe your e-mail would be compromised as well. Authenticators are not so easily compromised, and therefore more effective.

because you were being an unnecessary smart ass, Instead of discussing what I was talking about.

Do I have to point out the painfully obvious, is that not everyone has a smartphone or tablet? (Such as myself) Buying something extra for a game that I have zero interaction with anyone else should not be required, ever, and is just plain lazy that I would have to purchase something extra for it.

I'm not arguing that an authenticator is not more effective, I never once said that, so please stop pointing it out when I have not ONCE ARGUED IT. but is it free for me? no it is not, which is why I pointed to steam's e-mail authenticator as a better solution for the basic security. Blizzard might/probably does have better server side security, but steam has yet to fail me on the user side of it, as others had mentioned as well.

I wasn't going to point this out as you said you were done responding to me but since you did respond. I will further explain while e-mail verification is a stupid idea for battle.net accounts. Blizzard log in credentials use your e-mail address you know the one linked to your account the one that a e-mail verification would be sent to. If a hacker had your log in credentials he would have half of you e-mail credentials which essentially means all e-mail verification would be is a second password to get into your account. A password that could be gotten in roughly the same manner that a large majority of user information is gotten in Blizzard hacks. If a second password was actually an effective means of online security all online accounts would have 2 passwords.

Furthermore, you say Steam has never failed you client side, but refuse to listen to logically explanation has to why most hackers are not focusing hacking efforts on Steam accounts, because there is no profits in it.

I could park a beater Pinto station wagon next a custom Lamborghini and lock the doors of both cars. If one of the two cars is stolen there is a higher probability that the Lamborghini would be the one stolen and it wouldn't be because the the door locks on the Pinto were hard to get through. but you don't want to hear that cause it "isn't on topic". Steam is less likely to get hacked because it is a target less often. Plain and simple.

i know how it works, i'm just saying it adds another layer of security that would've required more effort on the hackers part, as he would then have to figure out a way to get my e-mail password also. Please tell me how that would impede the user that much more to have to verify their computer each time they used it at a different location.

Logical explanation? I have not once argued that hackers are not going for blizzard accounts over steam/*insert account here*, Stop ignoring the fact that I have said MULTIPLE times that blizzard has more to offer via their accounts. I've said it in multiple posts, I wasn't referring to the quantity of what they could steal, or how much they could steal, it was HOW they could steal it.

If you can't comprehend basic english as to what I've been saying the past 8 or so posts, then don't bother responding, I've not once argued that Blizzard has more attacks/hackers going for it, yet you have this silly notion in your head that I cannot comprehend what your saying, when in fact I was never arguing that at all.

gmaverick019:

RoBi3.0:

gmaverick019:

because you were being an unnecessary smart ass, Instead of discussing what I was talking about.

Do I have to point out the painfully obvious, is that not everyone has a smartphone or tablet? (Such as myself) Buying something extra for a game that I have zero interaction with anyone else should not be required, ever, and is just plain lazy that I would have to purchase something extra for it.

I'm not arguing that an authenticator is not more effective, I never once said that, so please stop pointing it out when I have not ONCE ARGUED IT. but is it free for me? no it is not, which is why I pointed to steam's e-mail authenticator as a better solution for the basic security. Blizzard might/probably does have better server side security, but steam has yet to fail me on the user side of it, as others had mentioned as well.

I wasn't going to point this out as you said you were done responding to me but since you did respond. I will further explain while e-mail verification is a stupid idea for battle.net accounts. Blizzard log in credentials use your e-mail address you know the one linked to your account the one that a e-mail verification would be sent to. If a hacker had your log in credentials he would have half of you e-mail credentials which essentially means all e-mail verification would be is a second password to get into your account. A password that could be gotten in roughly the same manner that a large majority of user information is gotten in Blizzard hacks. If a second password was actually an effective means of online security all online accounts would have 2 passwords.

Furthermore, you say Steam has never failed you client side, but refuse to listen to logically explanation has to why most hackers are not focusing hacking efforts on Steam accounts, because there is no profits in it.

I could park a beater Pinto station wagon next a custom Lamborghini and lock the doors of both cars. If one of the two cars is stolen there is a higher probability that the Lamborghini would be the one stolen and it wouldn't be because the the door locks on the Pinto were hard to get through. but you don't want to hear that cause it "isn't on topic". Steam is less likely to get hacked because it is a target less often. Plain and simple.

i know how it works, i'm just saying it adds another layer of security that would've required more effort on the hackers part, as he would then have to figure out a way to get my e-mail password also. Please tell me how that would impede the user that much more to have to verify their computer each time they used it at a different location.

Logical explanation? I have not once argued that hackers are not going for blizzard accounts over steam/*insert account here*, Stop ignoring the fact that I have said MULTIPLE times that blizzard has more to offer via their accounts. I've said it in multiple posts, I wasn't referring to the quantity of what they could steal, or how much they could steal, it was HOW they could steal it.

If you can't comprehend basic english as to what I've been saying the past 8 or so posts, then don't bother responding, I've not once argued that Blizzard has more attacks/hackers going for it, yet you have this silly notion in your head that I cannot comprehend what your saying, when in fact I was never arguing that at all.

Yes I don't agree with you insult my reading comprehension, cause that is classy.

I am not saying that e-mail verification would impeded users, not once have I said that. In fact authenticators are way more disruptive then e-mail verification would be. What I am saying is that e-mail verification would be less effective at protecting Battle.net accounts then it is at protecting Steam accounts, and it is far less effective then authenticators. I don't feel that Blizzard should go out of its way to implement yet other safety feature that is less effective then what is currently available, because a relatively small (I am guessing less then 1%)part of its player base doesn't have access to free authenticator options and is also unwilling to spend 6.50 or so on a physical authenticator. Especially since having your account hacked will not ruin your life or credit at best you lose time making a phone call since more often then not Blizzard restores what ever was lost. Worst case scenario you lose time and some virtual crap.

I don't agree with you. You can keep trying to insult me if you wish, but that doesn't make your point anymore meaningful.

RoBi3.0:

Yes I don't agree with you insult my reading comprehension, cause that is classy.

I am not saying that e-mail verification would impeded users, not once have I said that. In fact authenticator are way more disruptive then e-mail verification would be. What I am saying is that e-mail verification would be less effective at protecting Battle.net accounts then it is at protecting Steam accounts, and it is far less effective then authenticators. I don't feel that Blizzard should go out of its way to implement yet other safety feature that is less effective then what is currently available, because a relatively small (I am guessing less then 1%)part of its player base doesn't have access to free authenticator options and is also unwilling to spend 6.50 or so on a physical authenticator. Especially since having your account hacked will not ruin your life or credit at best you lose time making a phone call since more often then not Blizzard restores what ever was lost. Worst case scenario you lose time and some virtual crap.

I don't agree with you. You can keep trying to insult me is you wish, but that doesn't make your point anymore meaningful.

insult you? I was merely stating that if you keep ignoring the fact that I never argued that the authenticator worked nor was I arguing the fiscal value of blizzard accounts, hell that one post I quote pasted myself at least 10 times to get across the point, yet you continued to argue it. That is when I questioned your comprehension of English.

I wasn't arguing it was less effective, but I was arguing that it should be implemented in the first place, it is an easy and free layer of security for the users side that anyone can do in a matter of a minute or two, while the authenticator requires a purchase of some kind (a smart phone or paying for the physical usb drive). And as I said before, I never interacted with anyone else ever, on D3, as it was the only game I played, I should not be required to buy some authenticator to play my game, that is absolute garbage. No it will not ruin your life or credit, but that isn't the point, I could call "first world problems" all day on stuff, but that doesn't mean it isn't a nuisance/problem that shouldn't be happening. And as I had mentioned in my first post or two, it is a very long and painful pain in the ass phone call, because you HAVE to call in, there is no option of recovering your account online like most systems have (i'm not going to argue "security" on that point, if you respond saying something regarding calling in being more secure, i'm not going to respond on it, it doesn't change the fact it is much more of a hassle)

Lose time and virtual Crap? Weren't you just regarding it all being worth money? Pick one or the other, the account is either worth nothing or worth something.

Insult you? Oh right, because "u mad bro?" is so mature and enticing to a fruitful discussion. I did not go out of my way to quote you and then not even argue the point that I was trying to make, so try again. What don't you agree with? The only fact that I'm arguing is, is the fact that if blizzard implemented something similar to steam, or whoever might do a system like it, that it would've stopped the hacker from using my account for little to no hassle on my part, that didn't require me purchasing anything additional. That is all I argued, yet you keep bringing up the fiscal value of the account and the authenticator, and not once was I arguing those weren't valued more/effective respectively.

gmaverick019:

RoBi3.0:

Yes I don't agree with you insult my reading comprehension, cause that is classy.

I am not saying that e-mail verification would impeded users, not once have I said that. In fact authenticator are way more disruptive then e-mail verification would be. What I am saying is that e-mail verification would be less effective at protecting Battle.net accounts then it is at protecting Steam accounts, and it is far less effective then authenticators. I don't feel that Blizzard should go out of its way to implement yet other safety feature that is less effective then what is currently available, because a relatively small (I am guessing less then 1%)part of its player base doesn't have access to free authenticator options and is also unwilling to spend 6.50 or so on a physical authenticator. Especially since having your account hacked will not ruin your life or credit at best you lose time making a phone call since more often then not Blizzard restores what ever was lost. Worst case scenario you lose time and some virtual crap.

I don't agree with you. You can keep trying to insult me is you wish, but that doesn't make your point anymore meaningful.

insult you? I was merely stating that if you keep ignoring the fact that I never argued that the authenticator worked nor was I arguing the fiscal value of blizzard accounts, hell that one post I quote pasted myself at least 10 times to get across the point, yet you continued to argue it. That is when I questioned your comprehension of English.

I wasn't arguing it was less effective, but I was arguing that it should be implemented in the first place, it is an easy and free layer of security for the users side that anyone can do in a matter of a minute or two, while the authenticator requires a purchase of some kind (a smart phone or paying for the physical usb drive). And as I said before, I never interacted with anyone else ever, on D3, as it was the only game I played, I should not be required to buy some authenticator to play my game, that is absolute garbage. No it will not ruin your life or credit, but that isn't the point, I could call "first world problems" all day on stuff, but that doesn't mean it isn't a nuisance/problem that shouldn't be happening. And as I had mentioned in my first post or two, it is a very long and painful pain in the ass phone call, because you HAVE to call in, there is no option of recovering your account online like most systems have (i'm not going to argue "security" on that point, if you respond saying something regarding calling in being more secure, i'm not going to respond on it, it doesn't change the fact it is much more of a hassle)

Lose time and virtual Crap? Weren't you just regarding it all being worth money? Pick one or the other, the account is either worth nothing or worth something.

Insult you? Oh right, because "u mad bro?" is so mature and enticing to a fruitful discussion. I did not go out of my way to quote you and then not even argue the point that I was trying to make, so try again. What don't you agree with? The only fact that I'm arguing is, is the fact that if blizzard implemented something similar to steam, or whoever might do a system like it, that it would've stopped the hacker from using my account for little to no hassle on my part, that didn't require me purchasing anything additional. That is all I argued, yet you keep bringing up the fiscal value of the account and the authenticator, and not once was I arguing those weren't valued more/effective respectively.

Your attempting to be insulting by telling me I can't comprehend basic English. And Condescending Wonka isn't meant to be insulting and I don't know condescending or anything. Your not required to buy an authenticator to play Blizzard games that is not at all a fact, so you should probably stop claiming it is. Without an authenticator you need to be super vigilant with your security, something you should probably be regardless.

Gold is only worth real life money if you are willing to break the EULA and risk your account being banned. For normal players gold is worth nothing.

Interaction with people is not what puts you at risk pure shitty luck is all it takes to get hacked. I am not even gong to begin to try and guess why you got hacked, cause anything would be a blind stab in the dark.

I don't agree that an e-mail verification system is necessary. It may have prevented your hack it might not have. Cost verse reward is very low, as this system would ultimately only benefit a very small portion of the player base.

I find it weird you can spend 50 dollars on a game but 6.50 s a deal breaker, but that really isn't the point. I guess.

Andrew_C:

Baneat:
Blizzard does its users a solid by offering authenticators at a price that prevents them from profiting from promoting user security. They get sued.

Fuck these guys

Those authenticators are exactly the same as the ones the banks give to you for free, just in a fancy case. There is no reason they couldn't include one in boxed copies of their games.

Client-side account security is your own responsibility - they've made available an option for people that can't be sure their systems stay clean, those who can't stop using the same password and email for sites (which then get hacked and people try the combinations in the game client for winners). They're offering an additional layer to you for the cost of materials because it's not their responsibility but they don't want you to get socially engineered out of your account. They offer free options as applications in other devices; you want this level of security and also want the convenience pay the token fee.

Baneat:

Andrew_C:

Baneat:
Blizzard does its users a solid by offering authenticators at a price that prevents them from profiting from promoting user security. They get sued.

Fuck these guys

Those authenticators are exactly the same as the ones the banks give to you for free, just in a fancy case. There is no reason they couldn't include one in boxed copies of their games.

Client-side account security is your own responsibility - they've made available an option for people that can't be sure their systems stay clean, those who can't stop using the same password and email for sites (which then get hacked and people try the combinations in the game client for winners). They're offering an additional layer to you for the cost of materials because it's not their responsibility but they don't want you to get socially engineered out of your account. They offer free options as applications in other devices; you want this level of security and also want the convenience pay the token fee.

I never said that that client side security is not your responsibility. However it has been clear for more than a decade that 2 factor security (username and password) is inadequate and 3 factor security is the bare minimum for a secure transaction. Thus Blizzard also has a responsibility to ensure that their users use 3 factor security, which they ARE fulfilling here, however they are using it to make a tidy profit.

As I said before those are the same authenticators that banks hand out for free, just in a nifty package. I cannot believe that Blizzard are not making a profit of this. While I find plenty of fans claiming Blizzard are selling them at cost price, I can find no evidence that they have ever claimed that. I am aware that the price includes shipping, and I assume that this idea that Blizzard make no money off them came from that.

I do not have a smart phone, and see no need for one at the moment. If I used Blizzard products, I would have to buy an authenticator, because despite having an SMS service for confirmations and for revoking authenticators, Blizzard somehow can't do authentication by SMS, unlike Paypal (or Google).

Despite what I have said here I don't have any objection to the cost of Blizzard's authenticator, it is quite reasonably priced IMHO and is certainly a lot cheaper than PayPal's one. It is the idea that Blizzard are doing it out of sheer goodwill that I have a problem with.

 Pages PREV 1 2 3 4 NEXT

Reply to Thread

Log in or Register to Comment
Have an account? Login below:
With Facebook:Login With Facebook
or
Username:  
Password:  
  
Not registered? To sign up for an account with The Escapist:
Register With Facebook
Register With Facebook
or
Registered for a free account here