Blizzard Responds to Diablo 3 Account Hacks

Page 2 - Seeking answers? Join the Tom's Hardware community: where nearly two million members share solutions and discuss the latest tech.
Toggle sidebar Toggle sidebar
Status
Not open for further replies.
[citation][nom]SinisterSalad[/nom]Allowing offline use would be the best way to counter this.[/citation]

But then we'd lose the awesomeness of lagging on a single player game! People might even make use of their internet connection for something else while playing, and that would be weird...
 
i play no games via battle.net but if diablo 3 is using a connectionless protocol then the DDOS and hijack is definately an option.
 
[citation][nom]DjScribbles[/nom]Some of the rumors floating around point to joining a public game (which gives the hacker access to your session id, which he can then spoof) as being all that is needed to be hacked.Maybe true, maybe not, but I'm not going to go try to find any new friends until this dies down.Another rumored cause is people infected with malware that lets a hacker use their PC as a proxy server to bypass their authenticator which is configured to "not ask every time" mode, the hacker would be able to login without authentication because the request is coming from the victims own infected PC.Personally, I think this is a huge risk to blizzards reputation, I sure hope they are willing to admit if the vulnerability is on their side, and get it fixed soon. Personally I think this seems way too 'big' to be a bunch of schmoes with PC's loaded with malware, but it would be possible they have been saving up a big list of targets, as battlenet accounts were around long before diablo3 launched, and there is likely a large intersection between diablo3 players, wow players, and SC3 players.[/citation]
I was still playing WoW when they instituted the do not ask every time policy. A lot of us brought this very situation up and we of course were shouted down and laughed at by the fan kiddies saying it would never happen.

It's also amusing that Blizzard is trying to claim that no ones been hacked with an authenticator now that a journalist has been. It's almost as if Blizzard is enjoying digging themselves deeper.

There's not many ways D3's launch could have gone worse.
 
[citation][nom]esrever[/nom]how would that help? people who would want to play on bnet would still get hacked and it just make people able to play the game pirated.[/citation]
LOL You do realize D3 HAS been pirated right? It was after one day.

What's going to be funny is if a lot of people who paid for D3 went and got the offline pirated version. Will Blizzard claim that they will be losing out on RMAH sales due to the piracy which is the real reason they insist on offline play? They certainly couldn't accuse them of costing them game sales.
 
Wow at the Blizzard-Hate. I choose you, Angry-Harmless-Net-Mob-With-Damning-Words!

I wonder how many people this has affected? Probably a good portion, but I'm not one of them. I play with people I know and I play by myself. Hackers? Ha! They need to know I exist first to hack my account. Keep going, foolish, technology-inept ragers. Keep them hackers busy with your accounts...
 
Blizzard has only had 12 years to get D3 polished so what do you expect *eye roll* (sarcasm)
 
[citation][nom]supall[/nom]Wow at the Blizzard-Hate. I choose you, Angry-Harmless-Net-Mob-With-Damning-Words!I wonder how many people this has affected? Probably a good portion, but I'm not one of them. I play with people I know and I play by myself. Hackers? Ha! They need to know I exist first to hack my account. Keep going, foolish, technology-inept ragers. Keep them hackers busy with your accounts...[/citation]
Gotta love when blind sheep like you, even when Blizzard is going through what people said would, just blindly defend them.

Perhaps you missed the line where even a journalist got her account hacked though she has an authenticator? Just because Bashiok says something doesn't make it true. He may put his foot in his mouth of often as Zarhym, but Bashiok can be wrong, or is more likely, be given the wrong information to give out to people.

It was sheep like you who shouted those of us down when we protested Blizzard making it to that the authentication system didn't ask for the authenticator every time. People even explained how this could be exploited and yet people like you shouted them down and laughed claiming this could never happen.

It was good of Blizzard to implement the authentication system, but it was VERY bad of Blizzard to turn around and introduce needless security risks to that system.
 
Offline mode will never happen, Diablo 2 had a problem with people hacking the profiles and editing the characters to be full geared and max level. Offline mode would mean character info would have to be stored at the local machine.

With battle.net character info MUST be pulled from the server and cheating is much harder.
 
[citation][nom]wildkitten[/nom]Gotta love when blind sheep like you, even when Blizzard is going through what people said would, just blindly defend them.Perhaps you missed the line where even a journalist got her account hacked though she has an authenticator? Just because Bashiok says something doesn't make it true. He may put his foot in his mouth of often as Zarhym, but Bashiok can be wrong, or is more likely, be given the wrong information to give out to people.It was sheep like you who shouted those of us down when we protested Blizzard making it to that the authentication system didn't ask for the authenticator every time. People even explained how this could be exploited and yet people like you shouted them down and laughed claiming this could never happen.It was good of Blizzard to implement the authentication system, but it was VERY bad of Blizzard to turn around and introduce needless security risks to that system.[/citation]

More idiocy from wildkitten. Glad things don't change.

Just because a journalist says something doesn't make it true. Given the lack of journalistic integrity that is pervasive throughout the news world, her lying is much more likely than Blizzard.
 
[citation][nom]wildkitten[/nom]LOL You do realize D3 HAS been pirated right? It was after one day.What's going to be funny is if a lot of people who paid for D3 went and got the offline pirated version. Will Blizzard claim that they will be losing out on RMAH sales due to the piracy which is the real reason they insist on offline play? They certainly couldn't accuse them of costing them game sales.[/citation]

And even more idiocy.... D3 hasn't been pirated. What has happened is people have figured out how to play a very rudimentary and very limited version of the game locally. Here we are several years after the WoW release and there still isn't a decently playable way to play the game outside of Blizzard's servers. Thinking anything different will happen with D3 is silly.
 
[citation][nom]wildkitten[/nom]Gotta love when blind sheep like you, even when Blizzard is going through what people said would, just blindly defend them.Perhaps you missed the line where even a journalist got her account hacked though she has an authenticator? Just because Bashiok says something doesn't make it true. He may put his foot in his mouth of often as Zarhym, but Bashiok can be wrong, or is more likely, be given the wrong information to give out to people.It was sheep like you who shouted those of us down when we protested Blizzard making it to that the authentication system didn't ask for the authenticator every time. People even explained how this could be exploited and yet people like you shouted them down and laughed claiming this could never happen.It was good of Blizzard to implement the authentication system, but it was VERY bad of Blizzard to turn around and introduce needless security risks to that system.[/citation]

Read my post again. I blame the user for their sheer, technology-ineptitude and ignorance. Yeah, Blizzard has an exploit, but it appears that all of the reports have something in common - PUBLIC GAMES. I understand why Blizzard needed to force online-only - its not really a single-player game.

The notion that Blizzard is a "single-player" game is ignorant and shows the lack of actual understanding of what Diablo 3 is. Diablo 3's "single-player" is you playing by yourself in an empty, private game hosted by Blizzard servers ONLINE. There is no "offline" mode because your character isn't accessible offline and this is to prevent the cheating that occurred in D2 for its RMAH. You can blast Blizzard all you want for their decision, but you didn't have to buy the game and you certainly don't have to play it.
 


At least you would get a choice of being hacked or not, just to play the game.

I'm glad I'm holding off on this game. $10 to get into the Path of Exile Beta, and $20 for Torchlight II, my money's better spent.
 
[citation][nom]superfula[/nom]More idiocy from wildkitten. Glad things don't change.Just because a journalist says something doesn't make it true. Given the lack of journalistic integrity that is pervasive throughout the news world, her lying is much more likely than Blizzard.[/citation]

Nothing is immune to hacking, everything so far has been hacked , sony,bitcoin,banks there are always ways to bypass ANY security be it os or application exploit even hardware is not immune at black hat convention last year they hacked ATM's to spit out money.
Everyone thought PSN and xbox live was unhackable but what happened they were hacked just because blizzard says nobody with an authenticator got hacked does not mean it's true i know personally 3 customers that had their wow accounts hacked and they had authenticators.
Saying that battle net is 100% secure is not true nothing is 100% in the cyber world it is possible to spoof battlenet session id's the hackers would not need a username or password even an authenticator would be useless with this type of exploit.

 
Please, Tomshardware. As people already complained at the previous news. Stop using this image. Just search for "facepalm" on Google, or put a Blizzard logo there. But why *this* particular guy? Stop it. Please.
 
[citation][nom]superfula[/nom]More idiocy from wildkitten. Glad things don't change.Just because a journalist says something doesn't make it true. Given the lack of journalistic integrity that is pervasive throughout the news world, her lying is much more likely than Blizzard.[/citation]
Oh yes, bury your fingers in your ears and go "la la la la la" so you don't hear what you want to because everyone is lieing.
 
[citation][nom]techguy911[/nom]Nothing is immune to hacking, everything so far has been hacked , sony,bitcoin,banks there are always ways to bypass ANY security be it os or application exploit even hardware is not immune at black hat convention last year they hacked ATM's to spit out money.Everyone thought PSN and xbox live was unhackable but what happened they were hacked just because blizzard says nobody with an authenticator got hacked does not mean it's true i know personally 3 customers that had their wow accounts hacked and they had authenticators.Saying that battle net is 100% secure is not true nothing is 100% in the cyber world it is possible to spoof battlenet session id's the hackers would not need a username or password even an authenticator would be useless with this type of exploit.[/citation]


While I do understand that essentially everything can more or less be hacked, the fact that Blizzard is brushing it off and not taking the matter seriously shows that they don't really care all that much. I realize that in life nothing can be 100% perfect, computers and programs as well. But at least acknowledge there is a problem and try to do something about it instead of blaming people for so-called lack of experience or knowledge. I have known some people who work in the corporate world in IT get their accounts hacked and they have some of the best security implemented in their systems. So to blame the user isn't always right. Blizzard needs to fix this and take responsibility and actually do something about it instead of blaming everyone else. Wildkitten, you need to get a clue and stop placing most of the blame on the user. Granted there are total idiots out there who shouldn't be using a computer much less any other electronic devices, there are very knowledgeable people out there, even those with advanced degrees in such fields as network administration and IT that get themselves hacked because of bad security and exploits on the side of Blizzard's servers. Until Blizzard gets a clue and starts to take security threats seriously, I've canceled my WoW (I also stopped playing because of how boring it got) and I sure as hell won't be getting Diablo 3. Maybe what Blizzard needs is a Netflix moment... customers fighting back and mass cancellations. But people being the way they are, I doubt most have the balls to be able to stand up and take action.
 
[citation][nom]superfula[/nom]More idiocy from wildkitten. Glad things don't change.Just because a journalist says something doesn't make it true. Given the lack of journalistic integrity that is pervasive throughout the news world, her lying is much more likely than Blizzard.[/citation]


Sure it's possible the journalist is lying, embellishing, or claiming another person's experience as her own; but I think Blizzard has much more motivation to downplay the severity of the issue until they determine the root cause.

It's a fair (but frustrating) stance for them to take frankly, there is plenty of user speculation/rumor about what is going on, for Blizz to wade into that and make an ill informed statement would just cause more chaos, rage, flaming, etc. For now they are hopefully just making statements on what has been true in the past, until they can determine what is really going on.
 
[citation][nom]supall[/nom]Read my post again. I blame the user for their sheer, technology-ineptitude and ignorance. Yeah, Blizzard has an exploit, but it appears that all of the reports have something in common - PUBLIC GAMES. I understand why Blizzard needed to force online-only - its not really a single-player game.The notion that Blizzard is a "single-player" game is ignorant and shows the lack of actual understanding of what Diablo 3 is. Diablo 3's "single-player" is you playing by yourself in an empty, private game hosted by Blizzard servers ONLINE. There is no "offline" mode because your character isn't accessible offline and this is to prevent the cheating that occurred in D2 for its RMAH. You can blast Blizzard all you want for their decision, but you didn't have to buy the game and you certainly don't have to play it.[/citation]
Yes, don't hold Blizzard accountable for taking away the effectiveness of the authenticators by making it so the login doesn't ask for it every time. Love how you ignore that.

And no, the online only requirement is NOT for the security of the RMAH. It has explained many times why that's false, but I will do it again anyway...

The entire argument is that the network controlled loot can not be seen locally. Fine. So if you make an offline single player component, then loot is coded differently so it can't be placed on the RMAH since the person will never see what coding difference there is between the server loot and the local loot. If a person can find out what tag the server loot has, then the system is already compromised offline or no offline. Also, just don't make the single player offline characters be allowed to go to the online side. It really is that simple.

But no, this isn't the reason online only exists. The reason it exists is if there were an offline mode, those people wouldn't, and actually couldn't, use the RMAH. It's funny how that the defenders of the system actually are tripping over their own words now saying that you have to use the AH (gold for now since RMAH isn't live yet) to really advance in the game. Oh gee, there's a surprise. And which AH do you think you will have to buy loot from to advance in the game once the RMAH goes live. I'm willing to bet it will be the RMAH. Someone who plays offline is seen as someone who wouldn't be tempted to spend money on the RMAH.
 
[citation][nom]superfula[/nom]More idiocy from wildkitten. Glad things don't change.Just because a journalist says something doesn't make it true. Given the lack of journalistic integrity that is pervasive throughout the news world, her lying is much more likely than Blizzard.[/citation]

What, and corporations don't lie and submit bullshit information? Bottom line is I don't trust or believe anyone. But corporations can be just as full of shit as any individual people. They are run by people after all. As far as the integrity of journalists, I agree. Most are there for the glory and money. Like news organizations that claim to be "fair and balanced" despite being for profit organizations. How the hell can you be fair and balanced or otherwise if you are a for profit organization and your way of making money is to get as many viewers as possible? Sensationalism sells. I don't trust any of them.
 
I stated a few weeks ago there would be a god mode hack within a week of D3 coming out, but I was really surprised about this... Whatever Blizzard implements won't work... The hackers nowadays are so sophisticated that plus real money is involved only draws in organized crime from all over the world to leech off and if not control this new form of easy money...
 
Status
Not open for further replies.

TRENDING THREADS

Latest posts

Moderators online

Share this page

COMPANY
RESOURCES
FOLLOW
Top Bottom