Welcome, Guest. Please login or register.
March 28, 2024, 02:10:21 PM

Login with username, password and session length

Search:     Advanced search
we're back, baby
*
Home Help Search Login Register
f13.net  |  f13.net General Forums  |  The Gaming Graveyard  |  Diablo 3  |  Topic: Hackers and their hackering hacks 0 Members and 1 Guest are viewing this topic.
Pages: [1] 2 3 Go Down Print
Author Topic: Hackers and their hackering hacks  (Read 24853 times)
jakonovski
Terracotta Army
Posts: 4388


on: May 21, 2012, 11:40:46 PM

So Diablo 3 got hacked. The news is just breaking so there's not much to tell atm, except to change your passwords. Kinda awesome and terrible at the same time.

http://www.rockpapershotgun.com/2012/05/21/shout-at-the-devil-blizzard-acknowledges-diablo-iii-hacks/
Tebonas
Terracotta Army
Posts: 6365


Reply #1 on: May 21, 2012, 11:53:42 PM

Well, its not like there are real money transactions involved. So whats the harm  why so serious?
Cyrrex
Terracotta Army
Posts: 10603


Reply #2 on: May 22, 2012, 12:19:00 AM

My old WoW account seems to be in "Account Banned" status because of this kind of shit (happened at a time I wasn't even subscribed to WoW).  I imagine it won't be long before I get locked out of this game as well for no reason whatsoever.


"...maybe if you cleaned the piss out of the sunny d bottles under your desks and returned em, you could upgrade you vid cards, fucken lusers.." - Grunk
Hawkbit
Terracotta Army
Posts: 5531

Like a Klansman in the ghetto.


Reply #3 on: May 22, 2012, 12:20:33 AM

RMAH has already been delayed from launch to tomorrow, then to the 29th.  I wonder how long this will push it back?
apocrypha
Terracotta Army
Posts: 6711

Planes? Shit, I'm terrified to get in my car now!


Reply #4 on: May 22, 2012, 12:48:12 AM

What? Are people still not using authenticators?  ACK!

"Bourgeois society stands at the crossroads, either transition to socialism or regression into barbarism" - Rosa Luxemburg, 1915.
jakonovski
Terracotta Army
Posts: 4388


Reply #5 on: May 22, 2012, 12:54:53 AM

What? Are people still not using authenticators?  ACK!

The current rumor is that the hackers are targeting session IDs, which bypasses all authentication. Someone more knowledgeable might want to chime in here because that's all I know.
Ingmar
Terracotta Army
Posts: 19280

Auto Assault Affectionado


Reply #6 on: May 22, 2012, 01:03:43 AM

Session IDs is what I'm hearing as well. Their account database didn't get hacked or anything it sounds like.

The Transcendent One: AH... THE ROGUE CONSTRUCT.
Nordom: Sense of closure: imminent.
Falconeer
Terracotta Army
Posts: 11124

a polyamorous pansexual genderqueer born and living in the wrong country


WWW
Reply #7 on: May 22, 2012, 01:05:16 AM

Authenticators are an annoyance, even if you don't travel.

Sjofn
Terracotta Army
Posts: 8286

Truckasaurus Hands


Reply #8 on: May 22, 2012, 01:05:51 AM

You know what else is annoying? Having your account stolen.  why so serious?

God Save the Horn Players
Ingmar
Terracotta Army
Posts: 19280

Auto Assault Affectionado


Reply #9 on: May 22, 2012, 01:06:16 AM

It only prompts you like once a week if you always log in from the same machine.

The Transcendent One: AH... THE ROGUE CONSTRUCT.
Nordom: Sense of closure: imminent.
IainC
Developers
Posts: 6538

Wargaming.net


WWW
Reply #10 on: May 22, 2012, 01:14:13 AM

Yeah, I put an authenticator on my account when I installed D3 and I've only had to use it once on my work PC and twice at home so far. I used the mobile app which seems fine.

- And in stranger Iains, even Death may die -

SerialForeigner Photography.
caladein
Terracotta Army
Posts: 3174


WWW
Reply #11 on: May 22, 2012, 01:17:30 AM

It only prompts you like once a week if you always log in from the same machine.

As this came up in a WoW thread when they made that change, you can change it to the old "prompt every login" set-up as well.  Not sure when they added that, but it was a while ago.

"Point being, they can't make everyone happy, so I hope they pick me." -Ingmar
"OH MY GOD WE'RE SURROUNDED SEND FOR BACKUP DIG IN DEFENSIVE POSITIONS MAN YOUR NECKBEARDS" -tgr
jakonovski
Terracotta Army
Posts: 4388


Reply #12 on: May 22, 2012, 01:29:10 AM

Looks like the remedy to this particular kind of hack is to not join public games, because that's where the session IDs get sent to a bad place.
Zetor
Terracotta Army
Posts: 3269


WWW
Reply #13 on: May 22, 2012, 01:31:27 AM

So this is like RIFT Login Token-Spoofing 2: The Roflcoptering? 'Cos if so, then  why so serious?

Ingmar
Terracotta Army
Posts: 19280

Auto Assault Affectionado


Reply #14 on: May 22, 2012, 01:34:54 AM

Early indications are that it only happens to people in public games (getting the session ID stolen), so at the least I would avoid those for now.

The Transcendent One: AH... THE ROGUE CONSTRUCT.
Nordom: Sense of closure: imminent.
apocrypha
Terracotta Army
Posts: 6711

Planes? Shit, I'm terrified to get in my car now!


Reply #15 on: May 22, 2012, 01:48:33 AM

Yeesh, that's nasty if they're bypassing the authenticator like that.

Still, when they patch this they can put in the goddamn ring drop sound at the same time eh.

Edit: Bashiok has posted nay-saying these claims:

Quote
We've been taking the situation extremely seriously from the start, and have done everything possible to verify how and in what circumstances these compromises are occurring. Despite the claims and theories being made, we have yet to find any situations in which a person's account was not compromised through traditional means of someone else logging into their account through the use of their password. While the authenticator isn't a 100% guarantee of account security, we have yet to investigate a compromise report in which an authenticator was attached beforehand.

If your account has been hacked, please view the previous post for information on contacting our support department.

« Last Edit: May 22, 2012, 01:57:37 AM by apocrypha »

"Bourgeois society stands at the crossroads, either transition to socialism or regression into barbarism" - Rosa Luxemburg, 1915.
Azazel
Contributor
Posts: 7735


Reply #16 on: May 22, 2012, 02:00:43 AM

so... if I haven't joined any public games should I be safe (for now?)

http://azazelx.wordpress.com/ - My Miniatures and Hobby Blog.
Ingmar
Terracotta Army
Posts: 19280

Auto Assault Affectionado


Reply #17 on: May 22, 2012, 02:02:40 AM

Sounds like the session thing may also be bullshit, so yeah.

The Transcendent One: AH... THE ROGUE CONSTRUCT.
Nordom: Sense of closure: imminent.
Ironwood
Terracotta Army
Posts: 28240


Reply #18 on: May 22, 2012, 02:04:34 AM

Hahahah.

Awesome.

 why so serious?

"Mr Soft Owl has Seen Some Shit." - Sun Tzu
rk47
Terracotta Army
Posts: 6236

The Patron Saint of Radicalthons


Reply #19 on: May 22, 2012, 02:13:23 AM

Obviously it's the public game joiners at fault. What were they thinking? They could've saved themselves a lot of pain if they had friends to play with.

Colonel Sanders is back in my wallet
Tebonas
Terracotta Army
Posts: 6365


Reply #20 on: May 22, 2012, 02:13:35 AM

Still laughing, up until the point my Single Player game won't be playable anymore because my account was hacked. Has every competent person at Blizzard died from a stroke recently or have they fled after the merger? That whole lauch fiasco is so unblizzardlike.
caladein
Terracotta Army
Posts: 3174


WWW
Reply #21 on: May 22, 2012, 02:19:39 AM

I don't think it's been on a significantly different scale from a WoW expansion launch, so I'm not sure how "Blizzard-like" or not it's been.  And from a "playing the game" level, D3 has been a lot better for my friends and I then trying to do a new raid on night one.

That said, I'm not sure where my experience of "no problems outside of the first 90 minutes past midnight and occasional AH lag" over ~50 hours this week fits in the continuum.

"Point being, they can't make everyone happy, so I hope they pick me." -Ingmar
"OH MY GOD WE'RE SURROUNDED SEND FOR BACKUP DIG IN DEFENSIVE POSITIONS MAN YOUR NECKBEARDS" -tgr
Ingmar
Terracotta Army
Posts: 19280

Auto Assault Affectionado


Reply #22 on: May 22, 2012, 02:22:18 AM

Obviously it's the public game joiners at fault. What were they thinking? They could've saved themselves a lot of pain if they had friends to play with.

Unless we assume Blizzard is lying (or possibly incompetent), then there's nothing to the public game theory people had either.
« Last Edit: May 22, 2012, 02:24:17 AM by Ingmar »

The Transcendent One: AH... THE ROGUE CONSTRUCT.
Nordom: Sense of closure: imminent.
Tebonas
Terracotta Army
Posts: 6365


Reply #23 on: May 22, 2012, 02:24:30 AM

Obviously it has been worse for Europeans, caladein.
caladein
Terracotta Army
Posts: 3174


WWW
Reply #24 on: May 22, 2012, 02:26:38 AM

Heartbreak

"Point being, they can't make everyone happy, so I hope they pick me." -Ingmar
"OH MY GOD WE'RE SURROUNDED SEND FOR BACKUP DIG IN DEFENSIVE POSITIONS MAN YOUR NECKBEARDS" -tgr
rk47
Terracotta Army
Posts: 6236

The Patron Saint of Radicalthons


Reply #25 on: May 22, 2012, 02:28:45 AM

in my head, sequence of events play out like this:

Quote
1. Blizzard delays Diablo III. Again. And again.
This isn't Blizzard's fault for trying to be perfectionist. Would you play a buggy, unpolished game?

2. Blizzard demands online play only, creating instant death from lags and make offline, lagless play impossible and not an option.
Diablo is meant to be played online, rofl.

3. Blizzard can't keep a good login system to deal with the day 1 owners.
Blizzard is the victim of their own success. No one could've predicted the magnitude of the pre-order and day 1 enthusiasm. This is a good problem to have for a company of their caliber. If anything those login hoggers should blame themselves for not having patience and jamming the login servers.

4. Blizzard lets a loophole go live and enabled some hackers to steal customer's account through session ID
Blizzard can't be blamed here, online security is a big issue that is hard to cover all every loophole.

If 1 is true. Then why do we still get 3 and 4?

Colonel Sanders is back in my wallet
Ironwood
Terracotta Army
Posts: 28240


Reply #26 on: May 22, 2012, 02:47:02 AM

You know what ?  I'm just not prepared to accept the 'we didn't know it would be popular' line.

It's bullshit.

"Mr Soft Owl has Seen Some Shit." - Sun Tzu
Cyrrex
Terracotta Army
Posts: 10603


Reply #27 on: May 22, 2012, 03:07:33 AM

You know what ?  I'm just not prepared to accept the 'we didn't know it would be popular' line.

It's bullshit.


It's humongous bullshit.  It is far more likely that they knew exactly what kind of day 1 issues they were going to run into, and chose to accept the risk.  Because in the grand scheme of things, it doesn't change their bottom line one bit.

"...maybe if you cleaned the piss out of the sunny d bottles under your desks and returned em, you could upgrade you vid cards, fucken lusers.." - Grunk
Setanta
Terracotta Army
Posts: 1512


Reply #28 on: May 22, 2012, 03:23:49 AM

It only prompts you like once a week if you always log in from the same machine.

As this came up in a WoW thread when they made that change, you can change it to the old "prompt every login" set-up as well.  Not sure when they added that, but it was a while I have this set up permanently. For the extra 10 seconds that it takes me to log in, I don't mind a little more security on my home machine.

"No man is an island. But if you strap a bunch of dead guys together it makes a damn fine raft."
Tebonas
Terracotta Army
Posts: 6365


Reply #29 on: May 22, 2012, 03:39:09 AM

Day 1 issues are one thing, killing the login servers during primetime afterwards (sunday afternoon) are something completely different.
Merusk
Terracotta Army
Posts: 27449

Badge Whore


Reply #30 on: May 22, 2012, 03:56:54 AM

Still laughing, up until the point my Single Player game won't be playable anymore because my account was hacked. Has every competent person at Blizzard died from a stroke recently or have they fled after the merger? That whole lauch fiasco is so unblizzardlike.

Combined with the problems they've had in the MOP beta and that large chunks of it STILL aren't turned-on or working right the snark in me says it's either the latter or they've spread themselves way too thin. Try and do everything and you please no one and all that.

The past cannot be changed. The future is yet within your power.
Shatter
Terracotta Army
Posts: 1407


Reply #31 on: May 22, 2012, 04:12:03 AM

so... if I haven't joined any public games should I be safe (for now?)

Nope, I havent joined any public games and got hit this weekend
rk47
Terracotta Army
Posts: 6236

The Patron Saint of Radicalthons


Reply #32 on: May 22, 2012, 04:33:41 AM

so... if I haven't joined any public games should I be safe (for now?)

Nope, I havent joined any public games and got hit this weekend

egads. Condolences.  ACK!

Colonel Sanders is back in my wallet
Ironwood
Terracotta Army
Posts: 28240


Reply #33 on: May 22, 2012, 05:25:44 AM

Just as an after-thought;  what's going to be the impact on WoW ?  Surely the accounts being connected is a problem ?

"Mr Soft Owl has Seen Some Shit." - Sun Tzu
Fabricated
Moderator
Posts: 8978

~Living the Dream~


WWW
Reply #34 on: May 22, 2012, 05:36:43 AM

Just as an after-thought;  what's going to be the impact on WoW ?  Surely the accounts being connected is a problem ?
Considering that a battle.net account encompasses all of these games, yep.

"The world is populated in the main by people who should not exist." - George Bernard Shaw
Pages: [1] 2 3 Go Up Print 
f13.net  |  f13.net General Forums  |  The Gaming Graveyard  |  Diablo 3  |  Topic: Hackers and their hackering hacks  
Jump to:  

Powered by SMF 1.1.10 | SMF © 2006-2009, Simple Machines LLC