Diablo® III

Session Spoofing


...
Yes Im sure blizzard has a redundant backup copy thats made so they have a failsafe but normally backups are not instant. Backup or mirror image to the backup server are done at x intervals and or x time of day normally when the servers are not over x load.

...

What happens here is after awhile the transaction load gets expanitally larger and larger where the server is under such stress that it in fact locks up crashes.

...

When the server crashed this transaciton didnt happen or is extreamly delayed.

2 possible outcomes The item is returned to the original database entry for future putting up back into the database aka the ah its still in your stash it will look like your gold is missing itso nly because you did part of the transaction but it never was completed do to the fact it never finished though queing and saving.

...


Backups on any production system are instant. Some of this makes sense if we're using a laptop as a server but not a distributed file system in a modern server farm.
"instant" is a relative term. If by "instant" you mean the data has already been seeded to a backup source, and the "backup" is constantly changing the target data on a bit level basis as data changes real-time on the production server, and that the connection and processing power between the source and target are able to handle the amount of data changing at any given time, then sure we can call it "instant".


You are assuming that only only people with a negative opinion post here, and every other player does not. Fact is, most people who dislike the game with put it on the shelf and be done with it, never visiting a forum at all. Same goes for those who like the game. They will play it, and never visit a forum.

Forum percentages are still representative of over all player base. It may not be a 1:1 ratio, but it is pretty close. Close enough that if you have the majority of a forum posting a certain way, you can be sure the majority of people not posting feel the same way.


You said that 15-20% of the people on these forums are complaining about being hacked, correct?
You say that the forums adequately represent the player base?
I seriously doubt 15% of 7 million people have been hacked.
06/05/2012 01:20 PMPosted by Khagan
you think there's no difference between 1 and 10,000? unless theres some "context" to it? lol


you don't think there is? lol context is always important when it comes to numbers. it's all relative. the number of accounts compromised is most likely statistically insignificant.


So you are suggesting that 10,000 people are insignificant, and dont matter?

Do you think if the game had only sold 1 million copies, that the ratio of hacked accounts would change proportionality? I would be willing to be the number of hacked accounts would be exactly the same. Over all volume has nothing to do with the number of compromises.
You do something enough times that it just becomes automatic, like when you get E-mails from Blizzard you click the link and go to their webpage,oops look it isn't their webpage, but the nuances are so small that you didn't notice. You've gone to the Battlenet.net login screen a thousand times but oops you didn't notice that you just went to battlenet.net instead of battle.net, yet it looks the same so you login in as you usually do.
You've been phished


You assume people are not aware of phishing. I NEVER click a link in an email that I was not expecting to get. If you get an email from blizzard, your bank, paypal, whatever, saying that you need to do something with your account. You open your browser window,s and you type in the address yourself and log in. Anyone who is aware of phishing knows that you should be using this route.

Only time you should be clicking links in emails is when you have to in order to authenticate a new account you have made, in which case you should be expecting the email to come from a certain site at a certain time. Unless the site you are signing up for is not legit, you should not have an issue.

If you do sign up for sites you are not sure of, this is why you have a secondary "junk" email account. So your main email is never exposed.


I find no fault with your statement, except, I find it hard to believe that you don't have your favorite links up on your browser bar and actually type in your web adresses everytime :-) (no it doesn't have anything to do with clicking a phishing link, I just couldn't find fault in your statement :-) ) Oh Wait, that comma doesn't need to be there in that word!!!

But like I said, we become complacent. It IS our fault if we click a link in an E-mail. I've done it when a friend sent me a ressurection scroll so she could get a new digital mount in WoW, even though I made her pay for the month cause I am so tired of WoW.

Later I received an E-mail from Blizzarsd(not a typo but it was hidden unless scrolled over and I didn't think to do that at thet time) inviting me to MoP Beta.
Having a close friend who was actually in the MoP Beta, I clicked the WoW link and found myself on a page that had Blizzards MoP details, but with some slightly noticable errors.
I E-mailed Blizzard and asked about it, they told me it was a scam. I scrapped the E-mail and link.
User Error. If I got hacked (though I have an Auth that saves my butt) I wouldn't go bishing about Blizz, i'd jsut ask for a roll back and learn from it.
06/05/2012 01:24 PMPosted by Applesoup
and i'm sorry, when does a number not have context to it?


2,000,000

Do you have any idea what I am referring to with the above number?
06/05/2012 12:32 PMPosted by Raphael
Secondly, unless you, personally can perform a MITM attack how do you know it can be done? Forget all the online articles about how to do it, all the people who've been victims, etc. Until you, personally can do it, shut it. That's basically what you just said.
The difference is between "Know how it can be done" and "know it can be done".

Those who say "Session Spoofing" is real all apparently "know it can be done" but absolutely do not "know how it can be done".

Any technical details that have been posted have thus far been garbage, and every attempt to replicate the process has resulted in failure. In science, that means the theory was wrong.
I attempted to tell your support staff in my ticket, as well as multiple posts here.

I was hacked without evidence of keyloggers, trojans, or having given my account (intentionally or unintentionally)

My information has fallen on deaf ears and has been met with harsh criticism from this community.

I actually AM a computer technician and will be more then willing to speak of this further with you.

My hackers account is still in use as I can see it logged in from my "recently played" list which has still not been banned despite numerous reports from within the system.

Please contact me at the e-mail address associated with this account and I am willing to help.
90 Night Elf Druid
10565


And yet is most posts were positive, you would be adamant that the player base feels the same way. Double standard much?


Dang, way to put words in someone's mouth.


Well said.
06/05/2012 01:26 PMPosted by MutantMonkey
and i'm sorry, when does a number not have context to it?


2,000,000

Do you have any idea what I am referring to with the above number?


Yes, a large number.


Just because only 1 person makes a thread about it doesn't mean that's the only person getting hacked.


Just because only 8 people make a thread about it, doesn't mean that they're the only people getting hacked.

sigh, d3 is a newer game and a fresher market, meaning more fish in the sea.
if you were a gold farmer/hacker you'd always go to where the fresher ( while still fairy large) market is, hit them before things stabalyze
06/05/2012 01:21 PMPosted by Flamberge
Backups on any production system are instant.


That's cute.
You said that 15-20% of the people on these forums are complaining about being hacked, correct?
You say that the forums adequately represent the player base?
I seriously doubt 15% of 7 million people have been hacked.


I doubt the number is that high either, but it is certainly higher than the 1% people here would have you believe. Perhaps the number would be closer to 15% of people without an authenticator...
Edited by kweagle#1932 on 6/5/2012 1:30 PM PDT
06/05/2012 01:24 PMPosted by StarDweller
What blizzard is essentially saying is that people who claimed they were hacked via session spoofing, or those with an authenticator who were hacked, are essentially all lying. I find this hard to believe.
People lie. Especially when they do not want to admit something occurred on their end because it's embarassing or maddening, and they are upset and feel violated. This is human nature.
Edited by moojerk#1213 on 6/5/2012 1:30 PM PDT
06/05/2012 01:24 PMPosted by StarDweller
What blizzard is essentially saying is that people who claimed they were hacked via session spoofing, or those with an authenticator who were hacked, are essentially all lying. I find this hard to believe.


Those who got hacked with an Authenticator were using the dial-in. Does not work with D3


2,000,000

Do you have any idea what I am referring to with the above number?


Yes, a large number.


whether it's 2 mil out of 5 billion. it's still a lot of 1's.
Edited by Applesoup#1860 on 6/5/2012 1:32 PM PDT
So you are suggesting that 10,000 people are insignificant, and dont matter?

Do you think if the game had only sold 1 million copies, that the ratio of hacked accounts would change proportionality? I would be willing to be the number of hacked accounts would be exactly the same. Over all volume has nothing to do with the number of compromises.


Wow. Just, wow.

Of course the total number is relevant. There is a vast difference between "50% of those exposed died" and "1% of those exposed died". It doesn't matter if that 1% consisted of 100,000 dead people, odds are the exposure didn't kill them.
This topic has reached its post limit. You may no longer post or reply to posts for this topic.

Please report any Code of Conduct violations, including:

Threats of violence. We take these seriously and will alert the proper authorities.

Posts containing personal information about other players. This includes physical addresses, e-mail addresses, phone numbers, and inappropriate photos and/or videos.

Harassing or discriminatory language. This will not be tolerated.

Forums Code of Conduct

Report Post # written by

Reason
Explain (256 characters max)
Submit Cancel

Reported!

[Close]