Page 2 of 3 FirstFirst
1
2
3
LastLast
  1. #21
    Quote Originally Posted by Nohvello View Post
    however there's no way i believe that; a. blizzard sells anything at cost. and b. it costs $5 to make an authenticator...its plastic with a screen...its essentially a calculator minus the function. and you can get a cheap calculator for a dollar
    What about the intellectual manpower that went into the creation of the authenticator? The usage rights for the algorithms that comprise its programming? Shipping? Labor? There's much more that goes into a product than simple material cost. I very much doubt Blizzard makes any significant profit off authenticators, or if they do profit then it's because they're selling it for a nice round number ($5) instead of at cost ($4.27 for instance, I don't actually know for sure).

    theres no reason anyone should be charged for account security. it should definitely be included with a normal box purchase.
    Blizz's many posts explaining how to secure your account are certainly offered free of charge. An authenticator does not make you hack-proof, nor does someone require an authenticator for their account to be secure. It's simply one extra layer out of many that you can choose to use. The other measures I mentioned above are certainly more important.

  2. #22
    Epic! Sighz's Avatar
    Join Date
    Jun 2009
    Location
    South Africa
    Posts
    1,668
    Although I agree that authenticators should be included in the boxes for free, I'm still willing to pay $10 extra so I can have the peace of mind that my account is mostly safe.
    And hoping for a smartphone version myself, it's going to be real annoying trying to get a physical one into SA.

  3. #23
    They shouldnt do anything on the players side. The players should secure their own accounts. Biowares responsibility is for their servers.

    It seems people have become too complacent in regards to authenticators. Developers issue them as a courtesy, not a necessity. Remember that.

  4. #24
    Bloodsail Admiral spaace's Avatar
    Join Date
    Jan 2009
    Location
    Ontario, Canada
    Posts
    1,112
    Truthfully, I didn't notice the authenticator right away when I was all over that CE.. The Malgus figurine blew my mind and I clicked "order now!" vigarously.


    Bliz Auth 6.50.... came out to 19.50 with shipping D:
    3DS FC: 5172 - 0403 - 7277
    Pokemon Y Safari Steel Type (Feroseed, Forretess, Brozong)
    Bravely Default
    White Mage|XIV Stream

  5. #25
    Im pretty sure this will come to your smart phone as well, I got mine for blizzard on my android, had it on my previous iphone as well, works great - then you know you always got it close by.

  6. #26
    i totally forgot about shipping costs to blizz, i suppose that makes up for a lot of the price...as to its development? again, its plastic with a calc. screen.

    Quote Originally Posted by renegadeimp View Post
    They shouldnt do anything on the players side. The players should secure their own accounts. Biowares responsibility is for their servers.

    It seems people have become too complacent in regards to authenticators. Developers issue them as a courtesy, not a necessity. Remember that.
    no...the blizz developers brought them on as a necessity, as account hacking is a -huge- problem...i personally was hacked 4 times before they released the authenticator, and as far as i know, it was through no fault of my own. is there a chance i did something stupid? of course there is. but there was nothing i could do short of buying that authenticator to protect myself from another incident. Account security is definitely the responsibility of the company to its fullest extent. obviously they cant be responsible for people doing stupid things like people following links from spam e-mails, or downloading keyloggers, etc. but when it comes to a cheap product like this that highly increases security i believe it should be a complimentary service.

    bottom line. most people wont play if their accounts are constantly being tampered with. and you obviously have to have a player base in order to support a game.

    does that mean if (more like when) bioware releases an authenticator no one will pay for it? of course not

    but that doesnt make it okay

  7. #27
    Quote Originally Posted by GarGar View Post
    What about the intellectual manpower that went into the creation of the authenticator? The usage rights for the algorithms that comprise its programming? Shipping? Labor? There's much more that goes into a product than simple material cost. I very much doubt Blizzard makes any significant profit off authenticators, or if they do profit then it's because they're selling it for a nice round number ($5) instead of at cost ($4.27 for instance, I don't actually know for sure).


    Blizz's many posts explaining how to secure your account are certainly offered free of charge. An authenticator does not make you hack-proof, nor does someone require an authenticator for their account to be secure. It's simply one extra layer out of many that you can choose to use. The other measures I mentioned above are certainly more important.
    I have Never ever heard of someone being hacked with an authenticator applied to there account. I have been playing WoW ever since they came out with the things. As for expecting a online game to provide a service to keep there game free from hackers,scammers and other such annoying and game problems seems in the best interests of any company. I don't care how you wanna package it. But for gods sake provide it. But yea, would be simpler to add it to the cost of the game for convience sake. Having to make a another purchase just to secure a product you have already purchased is pretty short sighted.

  8. #28
    Quote Originally Posted by Zinjinn View Post
    I have Never ever heard of someone being hacked with an authenticator applied to there account. I have been playing WoW ever since they came out with the things.
    It happens more than most people would care to admit. One of our guild officers, who had an authenticator but whose account had been inactive for months, was hacked and the hacker managed to take 90k from the guild bank in a matter of minutes (his daily withdraw limit was 250g). His account had not been reactivated but somehow they were able to log into his character anyway. With the right tools, getting past an authenticator is easier than people think. Heck, the authenticator algorithm was cracked within weeks of its release, allowing anyone with enough time stamps and authenticator codes (obtained through keylogging or MITM attacks) to calculate the serial number for the authenticator, basically rendering it useless.

    It doesn't make you immune to being hacked, it's just one more layer of security. And again, the other methods of maintaining account security are arguably much more important, as most account compromises could have been prevented through proper security practices unrelated to authenticators.

  9. #29
    TINSTAAFL

    If authenticators came with the retail box the retail box would cost more.

  10. #30
    Pit Lord philefluxx's Avatar
    Join Date
    Dec 2010
    Location
    Silicon Highway
    Posts
    2,305
    Quote Originally Posted by Nohvello View Post

    however there's no way i believe that; a. blizzard sells anything at cost. and b. it costs $5 to make an authenticator...its plastic with a screen...its essentially a calculator minus the function. and you can get a cheap calculator for a dollar
    As much as I agree Blizzard has become a money grubbing corporation of greed, they really do sell these at cost. Its much more than the keyfob to take into account but all the time and labor to get their security written for the authenticator as well as the cost of maintaining such a system.

    The truth is it was costing Blizzard more in security issues than to sell the keyfob at cost.

  11. #31
    Quote Originally Posted by GarGar View Post
    It happens more than most people would care to admit. One of our guild officers, who had an authenticator but whose account had been inactive for months, was hacked and the hacker managed to take 90k from the guild bank in a matter of minutes (his daily withdraw limit was 250g). His account had not been reactivated but somehow they were able to log into his character anyway. With the right tools, getting past an authenticator is easier than people think. Heck, the authenticator algorithm was cracked within weeks of its release, allowing anyone with enough time stamps and authenticator codes (obtained through keylogging or MITM attacks) to calculate the serial number for the authenticator, basically rendering it useless.

    It doesn't make you immune to being hacked, it's just one more layer of security. And again, the other methods of maintaining account security are arguably much more important, as most account compromises could have been prevented through proper security practices unrelated to authenticators.
    Again he said she said. It seems the a company like Blizzard or EA or Bioware would have some sort of way of securing there product. I have never had my account hacked, and have never known anyone whom used the authenticators to be hacked, in all my years of wow., Is it impossible to be hacked no. Just very unlikely. But your missing the overall if all you can say is "Well I knew a guy who new a guy, who got hacked who had an authenticator." Bottom line is when you pay to play a game that you have time (and cash) as an investment, it is not unreasonable to expect that the people selling the game provide account security.
    Last edited by Zinjinn; 2011-10-18 at 07:46 PM.

  12. #32
    Epic! Sighz's Avatar
    Join Date
    Jun 2009
    Location
    South Africa
    Posts
    1,668
    Quote Originally Posted by GarGar View Post
    It happens more than most people would care to admit. One of our guild officers, who had an authenticator but whose account had been inactive for months, was hacked and the hacker managed to take 90k from the guild bank
    Did you consider perhaps that he took off his authenticator when he stopped playing, or lied about having one? And why was he still officer rank when he'd been offline for months? Maybe it wasn't a "hacker", perhaps it was the officer himself who logged on, then said later that he was hacked.

    Not trying to being rude, and sorry if I came across as such. I just find it hard to believe someone was "hacked" with an authenticator. It's always "my friend" or "my guildie's friend knew this guy that", it's never "I got hacked even with an authenticator on my account".

  13. #33
    Pandaren Monk Shamburger's Avatar
    Join Date
    Oct 2009
    Location
    The Great White North
    Posts
    1,779
    Quote Originally Posted by Sighz View Post
    Did you consider perhaps that he took off his authenticator when he stopped playing, or lied about having one? And why was he still officer rank when he'd been offline for months? Maybe it wasn't a "hacker", perhaps it was the officer himself who logged on, then said later that he was hacked.

    Not trying to being rude, and sorry if I came across as such. I just find it hard to believe someone was "hacked" with an authenticator. It's always "my friend" or "my guildie's friend knew this guy that", it's never "I got hacked even with an authenticator on my account".
    This. Plus if the account was inactive (which means unsubscribed) you can't log on to the server period whether you're a hacker or not.

  14. #34
    Quote Originally Posted by PuliGT View Post
    TINSTAAFL

    If authenticators came with the retail box the retail box would cost more.
    i would even be happy for this...but the fact that its a completely separate product with separate shipping costs is just outright lame

    the blizz store claims to waive shipping fees, idk if its a new thing or i just have a bad memory. but i remember paying around $15 with shipping

  15. #35
    Quote Originally Posted by Zinjinn View Post
    Again he said she said. It seems the a company like Blizzard or EA or Bioware would have some sort of way of securing there product. I have never had my account hacked, and have never known anyone whom used the authenticators to be hacked, in all my years of wow., Is it impossible to be hacked no. Just very unlikely. But your missing the overall if all you can say is "Well I knew a guy who new a guy, who got hacked who had an authenticator." Bottom line is when we pay to play a game that you have time as an investment, it is not unreasonable to expect that the people selling this game provide account security.
    Don't get me wrong, I agree with you. Companies absolutely have a responsibility to make their digital service as secure as reasonably possible, including having the option for additional user security like authenticators. But most compromises are not due to lack of security on the part of the provider. They're a result of either: mismanagement of their personal information by the user (probably most common); lack of security practices on the user's part (antivirus, antispyware, strong passwords, etc); lack of security on the part of other websites or services whose systems were compromised and user information stolen (but this goes back to user security practices, using the same username/password for multiple services). In the end it's still the user's responsibility to make sure they're doing everything they can to protect themselves, because Bioware can only do so much.

    ---------- Post added 2011-10-18 at 03:01 PM ----------

    Quote Originally Posted by Shamburger View Post
    This. Plus if the account was inactive (which means unsubscribed) you can't log on to the server period whether you're a hacker or not.
    That's why they're called "hackers". They can do things normal users can't. See where I said the daily cap for withdrawals was 250g but he withdrew 90k in one day. The money log was as such:
    Player withdraws 250g. (1 day ago)
    Player withdraws 250g. (1 day ago)
    Player withdraws 250g. (1 day ago)
    Etc until the bank was empty.
    Last edited by GarGar; 2011-10-18 at 08:03 PM.

  16. #36
    Besides the authenticator, protection of your account lies with you. Create a strong password and regularly scan for viruses/malware/spyware.

  17. #37
    The Patient Sut's Avatar
    Join Date
    May 2010
    Location
    United Kingdom
    Posts
    259
    Quote Originally Posted by GarGar View Post
    It happens more than most people would care to admit. One of our guild officers, who had an authenticator but whose account had been inactive for months, was hacked and the hacker managed to take 90k from the guild bank in a matter of minutes (his daily withdraw limit was 250g). His account had not been reactivated but somehow they were able to log into his character anyway. With the right tools, getting past an authenticator is easier than people think. Heck, the authenticator algorithm was cracked within weeks of its release, allowing anyone with enough time stamps and authenticator codes (obtained through keylogging or MITM attacks) to calculate the serial number for the authenticator, basically rendering it useless.

    It doesn't make you immune to being hacked, it's just one more layer of security. And again, the other methods of maintaining account security are arguably much more important, as most account compromises could have been prevented through proper security practices unrelated to authenticators.
    Why hack the guy with an aunthenticator when they can move on to an easy target? Hackers are lazier than you may imagine.

  18. #38
    Quote Originally Posted by Nohvello View Post
    i totally forgot about shipping costs to blizz, i suppose that makes up for a lot of the price...as to its development? again, its plastic with a calc. screen.



    no...the blizz developers brought them on as a necessity, as account hacking is a -huge- problem...i personally was hacked 4 times before they released the authenticator, and as far as i know, it was through no fault of my own. is there a chance i did something stupid? of course there is. but there was nothing i could do short of buying that authenticator to protect myself from another incident. Account security is definitely the responsibility of the company to its fullest extent. obviously they cant be responsible for people doing stupid things like people following links from spam e-mails, or downloading keyloggers, etc. but when it comes to a cheap product like this that highly increases security i believe it should be a complimentary service.

    bottom line. most people wont play if their accounts are constantly being tampered with. and you obviously have to have a player base in order to support a game.

    does that mean if (more like when) bioware releases an authenticator no one will pay for it? of course not

    but that doesnt make it okay
    No. Blizzard brought them in, because the vast majority of wow players are mentally deficient and lack the basic common sense to secure their own machine. Hell, a lot of them still believe in the "blizzard is hacked" conspiracy theory.

    ---------- Post added 2011-10-18 at 09:29 PM ----------

    Quote Originally Posted by GarGar View Post
    That's why they're called "hackers". They can do things normal users can't. See where I said the daily cap for withdrawals was 250g but he withdrew 90k in one day. The money log was as such:
    Player withdraws 250g. (1 day ago)
    Player withdraws 250g. (1 day ago)
    Player withdraws 250g. (1 day ago)
    Etc until the bank was empty.
    Thats not hacking, thats exploiting. It's completely different.

  19. #39
    Quote Originally Posted by Sut View Post
    Why hack the guy with an aunthenticator when they can move on to an easy target? Hackers are lazier than you may imagine.
    Oh I do imagine they're always looking for the easiest targets. But in the case of my guildie they must have had some kind of in-depth information about the system, as they were able to log on while the account was inactive, bypass his authenticator, and take more than the daily limit in both gold and item withdraws. Could he by lying about account activity and the authenticator? Maybe, but if he was capable of compromising/exploiting Blizz's systems (knowing him for 3 years, he's not) to be able to withdraw more than the daily limit, Blizz would have found evidence it was him and wouldn't have given his account back.

    I was "hacked" once myself, back before authenticators, and when I used the same username/password for other services (which is how I suspect they got my info). They transferred one of my characters to a different server by bypassing the normal transfer process. When I got my account back there was no record that a transfer had been initiated through the paid transfer service (and they only had it for 3 hours so a GM ticket for a transfer couldn't have been answered in that time), but there my character was, naked on a server I had never played on. So sometimes they do exploit genuine flaws in the system, but how they come across these magical powers is not for me to know.

    And yeah, hackers/exploiters will always be a thorn in the side of developers of sensitive systems, whether gaming or banking or government contracting. All I can really do is protect myself the best way I know how. I'll leave the battle of wits up to the professionals and the troublemakers.

  20. #40
    Quote Originally Posted by GarGar View Post
    Oh I do imagine they're always looking for the easiest targets. But in the case of my guildie they must have had some kind of in-depth information about the system, as they were able to log on while the account was inactive, bypass his authenticator, and take more than the daily limit in both gold and item withdraws. Could he by lying about account activity and the authenticator? Maybe, but if he was capable of compromising/exploiting Blizz's systems (knowing him for 3 years, he's not) to be able to withdraw more than the daily limit, Blizz would have found evidence it was him and wouldn't have given his account back.

    I was "hacked" once myself, back before authenticators, and when I used the same username/password for other services (which is how I suspect they got my info). They transferred one of my characters to a different server by bypassing the normal transfer process. When I got my account back there was no record that a transfer had been initiated through the paid transfer service (and they only had it for 3 hours so a GM ticket for a transfer couldn't have been answered in that time), but there my character was, naked on a server I had never played on. So sometimes they do exploit genuine flaws in the system, but how they come across these magical powers is not for me to know.

    And yeah, hackers/exploiters will always be a thorn in the side of developers of sensitive systems, whether gaming or banking or government contracting. All I can really do is protect myself the best way I know how. I'll leave the battle of wits up to the professionals and the troublemakers.
    LOL Being Captain Obvious must come hard for ya!

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •