Diablo III

[Archon_Wing]

Quote:

Originally Posted by Squarecrow

Seems like it went over your head.

Unless Blizzard's servers were compromised then the analogy holds true. They have protected their side until proved otherwise. They have no responsibility to protect your account from your mistakes. You're expecting something extra that isn't necessary just because you *think* it's so simple and easy for them to implement. Just like you shouldn't be entitled to have LoJack on everything expensive just because it can prevent and stop theft. There's a point where a company has to say no. And electronics can be much more expensive than a virtual account and they aren't something that magically reappear after they're stolen.

Umm... that still doesn't justify your faulty logic. In fact, I'm not even sure what you are getting at. So apparently without proof, the user is always wrong and Blizzard has no faults with their server. Umm... ok. Could we start with a more neutral premise? Oh sure, I wasn't neutral either, but it's not like I didn't consider the high probability of a keylogger or user fault. Or at least I did more so than you're considering the other side.

It doesn't matter if electronics are more expensive than this.? I'm not arguing if it's Blizzard's fault or not in my previous post.

Your analogy:

Quote:

Why don't my electronics or car come with free LoJack? What if they get stolen? That's not even my fault!

My response:

Quote:

When you purchase something like cars and electronics, it's a physical piece of property that you take. The transaction between you and the seller ends the moment you receive the item unless it is defective. Their responsibility was merely to deliver the item in proper shape and form.

They cannot be compared. It doesn't work. Your relationship with the vendor for goods such as cars and electronics ended after they sold it to you. Of course they are not responsible for theft later on! They have no obligation to you anymore.

Quote:

Life is unfair. Or better yet, life isn't always what you want it to be.

Very wise, but also irrelevant. Considering how you've misinterpreted Vallen's post to the point of responding with irrelevant things and probably mine, I think you may have to read a bit more carefully

In any case

Quote:

Battle.net Authenticator - Diablo III Edition (United States Only)

1
$6.50 USD




Order Status:
Pending
(Cancel order)



Shipping Method:
Next Day Standard

Let's see if this thing will help or not;.

[Jazzrat]

In regards to all the compromised accounts, this post sums it up nicely on the situation.

Anyone who works in end user support before will know it all too well when it comes to malware and the ongoing trend of targeting online game account information that has transferable values (steam doesn't cause you can't transfer or sell your games to others).

This isn't just a Blizzard problem however, it's looks exacerbated in comparison to other games because of the volume of users. There's 10 million + users on WoW alone not to mention another 6.5 million Diablo3 players, what's is the chance of having someone in those 16.5 million + user who had their account and pc compromised?

Why is Blizzard pushing users to get an authenticator?
Because it's a waste of manpower and bad for the PR when people have their account compromised. There's many ways to get into someone's computer, I had malware infection before just plugging in a usb drive. I got myself an authenticator because I know there's no 100% chance of me ever being fully secured with my laptop barring total isolation and Diablo 3 is the kind of popular games these malware will target.

And FYI, Blizzard password is not case sensitive which is really stupid. They should have adopted better password security cause people can just brute force the account.

[aohige]

The bigger you are, the bigger the whine.

Although I've always wondered how secure my steam account really is, considering I have a credit card tied to it.
It seems like one keylogger could screw me pretty bad.

I just got like 3 shotted in Inf Act 2. From like the 4th mob pack. Ouch.
Well, back to the gear grind...

[Duo Maxwell]

Quote:

Originally Posted by Jazzrat

And FYI, Blizzard password is not case sensitive which is really stupid. They should have adopted better password security cause people can just brute force the account.

huh?
I'm pretty sure my password is case sensitive.

[Archon_Wing]

Well, at this point, pointing fingers at anyone isn't going to help. Note that I never have and never will expect Blizzard to be hack proof, because that's impossible. But hopefully they'll restore people's shit and make it so you can't log in 10k miles away without triggering something.

However, regardless of user error or server error, I have decided to not use the auction house for a while. It's likely the hackers will have put their ill gotten gains up on it for now, and I'd rather not purchase stolen goods.

[Demi.]

Quote:

Originally Posted by Jazzrat

In regards to all the compromised accounts, this post sums it up nicely on the situation.

Anyone who works in end user support before will know it all too well when it comes to malware and the ongoing trend of targeting online game account information that has transferable values (steam doesn't cause you can't transfer or sell your games to others).

This isn't just a Blizzard problem however, it's looks exacerbated in comparison to other games because of the volume of users. There's 10 million + users on WoW alone not to mention another 6.5 million Diablo3 players, what's is the chance of having someone in those 16.5 million + user who had their account and pc compromised?

Why is Blizzard pushing users to get an authenticator?
Because it's a waste of manpower and bad for the PR when people have their account compromised. There's many ways to get into someone's computer, I had malware infection before just plugging in a usb drive. I got myself an authenticator because I know there's no 100% chance of me ever being fully secured with my laptop barring total isolation and Diablo 3 is the kind of popular games these malware will target.

And FYI, Blizzard password is not case sensitive which is really stupid. They should have adopted better password security cause people can just brute force the account.

I stopped reading after he tried to make the problem this (Twice!): "Well, the cause is people desiring a shortcut in their games by buying gold."

I've seen hundreds if not thousands of posts saying they've been compromised from posts made today alone. And he's trying to claim the large majority of compromises are from them buying gold from sketchy places? I don't buy that for a minute. Especially considering I'm not part of that large majority, and unless the other people I've seen posting are all liars, then neither are they.

Quote:

Originally Posted by Duo Maxwell

huh?
I'm pretty sure my password is case sensitive.

Nope, D3 passwords are not case sensitive.

[Dr. Casey]

Quote:

Originally Posted by Squarecrow

I don't know. Let someone else use your computer? Got hit by malware on a trusted site that's usually safe? Used public Wi-Fi?

Are you saying that Blizzard's server was compromised at this time? Any news articles at the time of your compromise?

lol, I've heard of blaming the victim but this is taking things to a whole new level. "It's always the victim's fault, if you claim that you're innocent in the matter you're lying!" Why, exactly, are you so determined to white knight Blizzard and paint them as blameless, and so reluctant to believe anyone who says that they were hacked through no real fault of their own? It seems as though you won't believe that anyone had their account compromised without doing anything moronic and irresponsible unless they write a 5,000 word essay describing in detail the precautions they took to protect their account.

[Duo Maxwell]

Quote:

Originally Posted by Demi.

Nope, D3 passwords are not case sensitive.

Then what the heck have I been typing in my password box all the time...?

In any case, I'll believe anything that I can see rather than anything people are telling each other on the internet, and so far none of my friends have problem regarding security.

[Mow Yun]

I don't have Diablo 3 myself, but out of the 6 people I know who have, and talked to, three have had their accounts compromised. Two work in high level IT and I'd trust to keep their computers very secure. While it is a very small sample size, even a 10% rate of "my account's been hacked!" sounds like it should be outside the realm of probability.

Also regarding the authenticator issue - I've been told that the smartphone-based authenticators don't work against this "Diablo 3 hacking" issue. It's only the physical kinds you can buy that work.

About rollbacks as well - my friend has reported that a user is only allowed two rollbacks in an account's lifetime. Basically, if it happened to you once, pray it doesn't happen twice again.

EDIT: Duo - Apparently passwords are valid whether you use capitals or not. Perhaps battle.net has a cipher which converts all characters to either upper or lower case.

[Dr. Casey]

I dunno, unless you're the most popular guy on the planet I would imagine that your friends make up a pretty small sample of Diablo III's 1,000,000+ userbase. I'm sure the people that have been hacked are a minority of all the Diablo III players around, but there's still a higher number of compromised accounts than there should be.

[Mow Yun]

Quote:

Originally Posted by Dr. Casey

I dunno, unless you're the most popular guy on the planet I would imagine that your friends make up a pretty small sample of Diablo III's 1,000,000+ userbase. I'm sure the people that have been hacked are a minority of all the Diablo III players around, but there's still a higher number of compromised accounts than there should be.

Assuming my friends aren't related to each other, I would say there is a case as you never test the entire population as you can generally extrapolate from a relatively small sample size. Even if it were such a small sample, as I referred to it as, it "should" be 0 or 1 out of 6 instead of 3 out of 6. Naturally, its not very reliable, but I think it leads to the notion that this kind of stuff isn't all hot air.

EDIT: Accusing someone of "Its your fault, your computer security sucks!" is an accusation which cannot be disproven, so its a handy one to sling around.

[Dr. Casey]

Ah, that was actually a reply to Duo's assertation that the reports of Diablo III having weak security are overblown because his friends haven't encountered any such problems.

[Mow Yun]

Ah, it sounded like it could go either way.

[Jazzrat]

Quote:

Originally Posted by Demi.

I stopped reading after he tried to make the problem this (Twice!): "Well, the cause is people desiring a shortcut in their games by buying gold."

I've seen hundreds if not thousands of posts saying they've been compromised from posts made today alone. And he's trying to claim the large majority of compromises are from them buying gold from sketchy places? I don't buy that for a minute. Especially considering I'm not part of that large majority, and unless the other people I've seen posting are all liars, then neither are they.

No, you didn't read the whole post. Compromised accounts are buyers and non-buyers.

In fact, it's more important to target non-buyers because these are usually the works of 3rd party gold seller. Doesn't make any business sense to target your own customers.

And it's the internet, who knows who is lying and who is telling the truth? But internet crime/scam can be more devious and malicious than we attribute it for.

Quote:

Originally Posted by Mow Yun

I don't have Diablo 3 myself, but out of the 6 people I know who have, and talked to, three have had their accounts compromised. Two work in high level IT and I'd trust to keep their computers very secure. While it is a very small sample size, even a 10% rate of "my account's been hacked!" sounds like it should be outside the realm of probability.

Oh no, we don't. There's no program to keep your pc safe 100% not even symantec or any big AV companies (which i wonder why my company still pays em).

We can keep our risk low but the chance is always there. Security flaws in external program to cleverly nested code in ads. While we know Blizzard hacking is popular, but i m certain that there's way more malware written to target Asian MMORPG which typically is cashshop driven and carry far more monetary value than your Diablo 3 account ever will.

[Mow Yun]

While there is almost no sure way to ensure that one's computer is 100% hack proof, I find it bordering on absurd that if the compromise was on the user end, that it was only the Diablo 3 account, and not Starcraft 2, World of Warcraft, or any other account, even financial details such as Paypal or saved credit card info which was claimed to accessed.

Because hacking to gain control of a video game account is far more monetarily advantageous than compromising a bank account...

I'm not saying its not possible, but for this kind of scale it seems like kind of flimsy that every single one of these people have poor personal security which has not resulted in any financial loss but only video game inventory loss.

[Jazzrat]

Quote:

Originally Posted by Mow Yun

While there is almost no sure way to ensure that one's computer is 100% hack proof, I find it bordering on absurd that if the compromise was on the user end, that it was only the Diablo 3 account, and not Starcraft 2, World of Warcraft, or any other account, even financial details such as Paypal or saved credit card info which was claimed to accessed.

Because hacking to gain control of a video game account is far more monetarily advantageous than compromising a bank account...

I'm not saying its not possible, but for this kind of scale it seems like kind of flimsy that every single one of these people have poor personal security which has not resulted in any financial loss but only video game inventory loss.

Hacking into major institutes system is more likely to get the FBI on your ass than into your regular joe/sally computer. It does happen though as we have seen in Sony case but this is usually done by a different group of people and more often than not, without monetary motivation.

WoW and recently Diablo 3 is targeted for the monetary value inherent in it. Actually there have been cases where people who had their Diablo 3 account compromised and the culprit reactivated their WoW account to strip their assets.

As for paypal and credit cards, i ll have to research it up. My initial guess is that such intrusion are more prolific than game accounts and more likely to draw the enforcement agencies attention.

[Blaat]

Quote:

Originally Posted by aohige

My Monk just solo downed both Infeno Skeleton King & Butcher, both WITH full stack of valor.

AWWWWWW yeah.

Spoiler:

Blind > Sanctuary and another tip wear a shield.

I'm this close to soloing Belial (already killed him with friends) I keep dying in the third phase which is stupid because the third phase is the easiest (the only tactic is don't stand in the green stuff)

[Mow Yun]

Quote:

Originally Posted by Jazzrat

Hacking into major institutes system is more likely to get the FBI on your ass than into your regular joe/sally computer. It does happen though as we have seen in Sony case but this is usually done by a different group of people and more often than not, without monetary motivation.

WoW and recently Diablo 3 is targeted for the monetary value inherent in it. Actually there have been cases where people who had their Diablo 3 account compromised and the culprit reactivated their WoW account to strip their assets.

As for paypal and credit cards, i ll have to research it up. My initial guess is that such intrusion are more prolific than game accounts and more likely to draw the enforcement agencies attention.

I'm not buying into the "people have their Diablo 3 account compromised and WoW account stripped" story very much. If that were the case, we should have seen a similar outrage with Starcraft 2's launch, as WoW is also linked with SC2. I haven't heard any Starcraft 2 hacking stories, at least, not to the extent of this Diablo 3. It could be coincidence, but at the same time, it may not be.

Still, I'm unconvinced that stripping a video game account of items is the most valuable thing a malevolent party would do to a person's computer with the kind of access which was had. I just find it strange how Diablo 3 was the only game worth having people's accounts compromised lately, especially since the auction house doesn't accept real currency yet (from what I hear).

Too many questions for me. For example, be playing WoW for years without incident and suddenly when Diablo 3 comes out, your Diablo 3 account becomes compromised. If it were an account hack, the coincidence of these two events (diablo 3 release and account compromise) as well as this recent burst of "Diablo 3 account hacking" cases seems like it fits too nicely to be a simple "your password sucks/ your computer got hacked," case.

[aohige]

Quote:

Originally Posted by Blaat

Blind > Sanctuary and another tip wear a shield.

I'm this close to soloing Belial (already killed him with friends) I keep dying in the third phase which is stupid because the third phase is the easiest (the only tactic is don't stand in the green stuff)

I like Sanctuary in Act 1, since there's oh so many doorways that I can block away with it.
Easy to halt packs of knockback elites by kiting them to a narrow chokepoint.

In act 2, there's much less areas like that, so I'll be switching of course.

Shield is great for upping Armor as well as giving block %, but I don't have a high enough DPS 1-hander to compensate.
Once I get one of those 800+ DPS weapon, I may switch to using a shield.
Or, I could compensate by stacking more armor and resist.
I'm aiming for 800 resist and 8000 armor or so for Act 2.

Act 3 is... another story. Most monks are struggling in Act 3, and I don't plan to advance in it anytime soon.
Once I beat Act 2, I'll probably set my monk aside for a while.

[Keroko]

Quote:

Originally Posted by Squarecrow

I don't know. Let someone else use your computer? Got hit by malware on a trusted site that's usually safe? Used public Wi-Fi?

Are you saying that Blizzard's server was compromised at this time? Any news articles at the time of your compromise?

Nobody else ever uses my computer, malware scans from three different scanners showed nothing and I didn't use public wifi. Were there any news articles? No, not as far as I'm aware, but that doesn't say much.

The point is, I did nothing that would make this hacking "my fault" yet I still got hacked. And the funny thing? I never got hacked on anything other than my blizzard account. Even my bank and paypal accounts were safe. Only my blizzard account has been hacked.

Let me put that in perspective: A hacker managed to get into my game account, but left my banking accounts alone. This leaves us two options:

1: If my computer was what was compromised, apparently my bank accounts have appropriate security measures in place to fend of the kind of attacks made. Which means blizzard's security is worse.

2: The account was compromised on blizzard's side, explaining why my bank accounts were untouched.

Either way, blizzard's security is flawed.