Tag wow

Late Night Rant: Let’s Talk Security

I want to start out with saying that my hacked account story had a happy ending – all my stuff is back and my account has been returned to me. It went fast, I am extremely happy. I won’t be touching the game again until I can get an authenticator though, I don’t want to go through this again. I trust my friends will let me know if something dodgy is going on, but the password is changed and I’ve gone through my own security habits and updated them a lot. You won’t get my stuff again!

Pantless gnome

My character ran around like this for hours, farming elementals for the hacker.

But let’s talk security. When your account is hacked, who is really to blame? This is all a thought experiment, this is not actually blaming anyone for what can happen to your account. Don’t get upset. But I can’t help feeling that the usual defense – “it’s all your own fault, Blizzard/NCsoft/Game Company X had nothing to do with it” – can be a bit, well, weak.

Because frankly, we don’t know. We don’t know what is going on on their side. While I am quite sure that this was all my own fault, somehow, it is hard to not hear warning bells ringing when every sweep of my computer turned up nothing at all. Now, no anti-virus or malware-scanner is infallible. Something might have been missed. It might not even be on my computer, perhaps it’s from a forum or WoW-related site that I used the same e-mail and password for (I just love logging into WoW with my e-mail, btw. Absolutely love it. /sarcasm).

There has been a rise in hackings lately, we certainly saw a huge rise in it around Christmas. There might be all kinds of reasons for this, but I won’t rule out that there might have been a security breach at Blizzard. It’s unlikely, a huge company like that can of course afford the best security money can buy. At the same time, the hackers are getting bolder and bolder, and – worst of all – richer.

Do you seriously believe that they would add an official authenticator to your account if they couldn’t afford to buy one just for that particular hack? They get your username and password, add a $6 authenticator to it to buy themselves enough time to grab as much gold as they can before Blizzard can intervene. That’s $6 dollars off the bottom line that they just have to hope will be worth it in the end (I doubt that my account was worth it, I hardly had any gold worth mentioning and not many emblems for gems), for every account. It’s no longer a quick hack and run. It’s a hack and fortify run.

There’s so much money in World of Warcraft now that these schemes are getting more and more complicated. The hackers constantly come up with new plans to circumvent the security measures that are put in place. Even the authenticators, hailed as a way to end hacking, are being used against the poor sods (like me) that don’t have one. And they will keep doing it, until either someone comes up with a security system that is fail safe, or the market in World of Warcraft gold collapses. And only the players can make that happen.

Because of this, I don’t buy into the whole “it’s always your own fault”-idea. It is probably true, but since we don’t know what actually is going on at Blizzard, I think we should at least be open to the idea. People make mistakes, every security system can potentially be compromised. And the hackers have shown, over and over again, that they are able and willing to do whatever it takes to get hold of your gold. There’s just too much money in it.

Digg This
Reddit This
Stumble Now!
Buzz This
Vote on DZone
Share on Facebook
Bookmark this on Delicious
Kick It on DotNetKicks.com
Shout it
Share on LinkedIn
Bookmark this on Technorati
Post on Twitter
Google Buzz (aka. Google Reader)

Copyright © Don’t Fear the Mutant
Virtual worlds, massive multiplayer games and assorted ramblings

Built on Notes Blog Core
Powered by WordPress