Diablo® III

Battle.net® Account Security & Diablo® III

(Locked)

90 Orc Shaman
10620
Posts: 14,245
You guys realize they have to legally announce if their databases were compromised, and it wasn't your fault?
I doubt they'd break the law and not "admit" that it's their fault, god knows what'd happen if they didn't do what they legally have to.
Maybe you should learn some basic law before you start pointing fingers.


Big companies with millions (to billions) in profit at risk in revealing the truth always obey the law! Because it's what Jesus would do.


Um, you realize that withholding this information is a VERY severe crime that would result in millions of dollars in fines and possibly the company getting shut down? To keep something like this secret would involve HUNDREDS of people conspiring, not only risking their jobs but also JAIL TIME, to keep something secret that would be found out anyway.

Withholding this information is a severe violation of federal law, and would result MANY MANY people facing long prison sentences and severe fines. Do you SERIOUSLY think Blizzard would be willing to take a risk like this?
Edited by Saerydoth#1867 on 5/21/2012 9:09 PM PDT
2 Human Warlock
0
Posts: 9,822
@Hellasha

Instead of trying to seem clever, can you explain how people with auth had been hacked when the code is unique use and not a time limitation or I dunno what? Even a keylogger / eye on your keyboard watching u all day won't permit someone to use a 2nd time a same auth code.


Authenticators are not foolproof, one does not make you immune to hackers.

And increasingly naive to think everyone with an authenticator that is super cautious and hasn't been hacked in 8 years of WoW is suddenly instantly hacked in Diablo 3.

Blizzard screwed up bad. The 1 thing everyone who has been hacked has in common is joining public games, especially during ni-hao hours.


Having an Authenticator does not make you immune to having your account compromised from your end. It does make it more difficult, but it is not foolproof.

It is rare to find someone who is completely innocent when these things happen. It is quite common for people on the internet to lie about their own shortcomings in order to get something for free from a major company or to shift the blame from them to another party, since clearly they couldn't have done anything wrong.


Since the issue isn't effecting you I wouldn't expect you to do a little research and see that people with authenticators are having this issue. If you wanna do customer service, do your job right.


Actually all that anyone other than Blizzard doing research would find is a few people who CLAIM to have authenticators (some of swhom have been shown not to by WoW pet listings)... Blizzard on the other hand CAN actually do that research and posted what they did...

Sane conclusion... lots of compromised accounts all hit a few days before the biggest money making event (opening of the RMAH)... Lord only knows how long those accounts have been vulnerable but not used.
find out how to do it, and spam general with it, then they will be forced to address it :P
still waiting, already had authenticator attached still happend.
Posts: 32


And increasingly naive to think everyone with an authenticator that is super cautious and hasn't been hacked in 8 years of WoW is suddenly instantly hacked in Diablo 3.

Blizzard screwed up bad. The 1 thing everyone who has been hacked has in common is joining public games, especially during ni-hao hours.


No one with an authenticator has been hacked, anyone who says so is lying.


Wow, somebody sure is in denial. Since you've made the claim, the burden of proof is on you, and you need to show everybody that they are lying.
Except authenticators don't stop session spoofing?

Nice cookie cutter response though I guess.


It is funny that every now and then "session spoofing" shows up in posts,
Then blizzard decided to act as if they doesn't exist.

PR: Say nothing, THAT ACTUALLY HELPS!
05/21/2012 08:54 PMPosted by steveman0




Glad you got a laugh out of it. Lets me know that you where you stand in your education. Maybe I got a few words mixed around. Common collector base...same thing.. only you as an electrical engineer would know what type of material was doped in the npn or the pnp transistor. I eagerly await your response. On second thought I have better things to do. Like take Geritol and get a good night's rest.

I'm a year into my PhD. No not same thing lol. It still has no place in the conversation seeing as Bipolars aren't used outside of analog electronics and just comes across as trying to show off an education that you don't appear to have.


Sigh. Sure I have no education. I am just a dumb ole country boy that knows the basis of every CPU is developed upon the founding principles of millions of transistors doing the simple boolean algebra stuff based upon the logic of j-k flip flops. I digress though since you know far more than I do.

Like how Blizzard is saying it is my fault for my logon credentials and yet their log files show NO unusual logins from the time I legitimately logged off to take my geritol and sleep to my legitimate logon after work the next day.


No one with an authenticator has been hacked, anyone who says so is lying.


I wouldn't go that far. If someone has access to YOUR machine, and you set up the Authenticator such that it only asks you once ever week or so, it's completely possible for them to just log in through your machine.

For the Authenticator to be 100% effective you have to set it so that it asks for the log in every time. This reduces the attack opportunity from days to seconds.
Posts: 1,803
View profile


And increasingly naive to think everyone with an authenticator that is super cautious and hasn't been hacked in 8 years of WoW is suddenly instantly hacked in Diablo 3.

Blizzard screwed up bad. The 1 thing everyone who has been hacked has in common is joining public games, especially during ni-hao hours.


No one with an authenticator has been hacked, anyone who says so is lying.


But my friends have been hacked and I've seen their physical authenticators in person. And they haven't been hacked in 8 years of WoW and know all about avoiding shady websites and keyloggers.

This was a blatant session hijack. Blizzard has lost all credibility by blaming the victims in this scenario where it's impossible for it to be the victim's fault.
Posts: 2,553
c'mon guys, it's impossible that Blizz got breached! As impossible as Rift got...

http://www.shacknews.com/article/71706/rift-hacked-user-information-stolen

/sarcasm off


Rift doesn't have the infrastructure that Blizzard has. Rift also was exploited immediately, while Blizzard has gone for almost a decade without a single compromise on their end, including compromises of their customer's private information and compromises of the game servers or clients. That's proof right there that you're comparing apples to oranges. Also, if you want sarcasm, denial isn't just a river in Egypt.
I don't feel Blizzard is addressing the issue here.

I would appreciate an official post from Blizzard about the server security issues going on, or did I miss it somewhere? I looked around and couldn't find it.

I just want to play D3..... :(

Fresh Windows 7 install, Radeon drivers, Diablo 3, and Google Chrome.

That's all I have on here so far. Definitely no key loggers. No flash sites have been visited, not even FB on this computer, and I have not signed in on any other computer.

My lvl 60 wizard who was clearing Inferno well is now naked, and over 1 mil gold is missing, after just 1 minute of them logging in (they booted me off while I was playing so I immediately tried to search forums for answers).

If anyone was wondering the person who was on my recent played list is named:
skts#3354
char name is: sdffghfg
A lvl 2 barb with 15 hours played haha, bet he has over 500 million gold easy :P
Posts: 208


Big companies with millions (to billions) in profit at risk in revealing the truth always obey the law! Because it's what Jesus would do.


Um, you realize that withholding this information is a VERY severe crime that would result in millions of dollars in fines and possibly the company getting shut down? To keep something like this secret would involved HUNDREDS of people conspiring, not only rising their jobs but also JAIL TIME, to keep something secret that would be found out anyway.

Withholding this information is a severe violation of federal law, and would result MANY MANY people facing long prison sentences and severe fines. Do you SERIOUSLY think Blizzard would be willing to take a risk like this?


Unless your credit card info is at risk, they probably don't have to report a thing. The reason for the law that everyone likes to quote is because of credit identity theft. Since that isn't the issue, then Blizzard isn't legally required to notify.
90 Gnome Warrior
1420
Posts: 595
Except authenticators don't stop session spoofing?

Nice cookie cutter response though I guess.


It is funny that every now and then "session spoofing" shows up in posts,
Then blizzard decided to act as if they doesn't exist.

PR: Say nothing, THAT ACTUALLY HELPS!


That is because the problem doesn't exist and it is a creation of frustrated morons that need a scapegoat.

Actually all that anyone other than Blizzard doing research would find is a few people who CLAIM to have authenticators (some of swhom have been shown not to by WoW pet listings)...

I have an authenticator tied to my account. What pets do I have?

Do you work for blizzard? Why are you defending them so hard?
Edited by themacabre#1418 on 5/21/2012 9:12 PM PDT
@Hellasha

ok dude. When u have to enter the auth code each time u log i don't see how you can bypass that even if you have the password of someone. Ho wait... maybe the hackers know how to generate true auth code now? that better in that case, no?

Time to open your eyes, kid. If it was only users without auth so i'll agree with you, can be user fault. But no, it's impossible if people with auth are getting hacked, or they know how to hack auth himself now too.
Personally, I like the "may have been compromised".
Posts: 1,803
View profile


No one with an authenticator has been hacked, anyone who says so is lying.


I wouldn't go that far. If someone has access to YOUR machine, and you set up the Authenticator such that it only asks you once ever week or so, it's completely possible for them to just log in through your machine.

For the Authenticator to be 100% effective you have to set it so that it asks for the log in every time. This reduces the attack opportunity from days to seconds.


Except that session hijacking completely bypasses the need to enter authenticator, or even knowing the password or email. Once you are signed onto a game your session-id is the confirming of having made it past security features.. it's the pass that says you're legit.

And this pass is easily copied. It's why people that have been hacked suddenly find themselves disconnected or hacked only after a public game.
Come on Blizzard, directly address the session spoofing issue. Are all these people saying that they got compromised with an authenticator in place lying?
This topic is locked.

Please report any Code of Conduct violations, including:

Threats of violence. We take these seriously and will alert the proper authorities.

Posts containing personal information about other players. This includes physical addresses, e-mail addresses, phone numbers, and inappropriate photos and/or videos.

Harassing or discriminatory language. This will not be tolerated.

Forums Code of Conduct

Report Post # written by

Reason
Explain (256 characters max)

Reported!

[Close]