Blizzard Defends Always-Online For Diablo III: Reaper of Souls

[Aeshi]

I don't need to PM anything. It's pretty common knowledge that their DRM failed. There were numerous stories on it. Cracking sites created a system of emulated servers that ran on your system to fool the game into thinking you were connected. Sharing pirated material (even via PM) is against the rules on this site. But i can tell you the game was pretty comprehensibly cracked back in 2012 by the outfit Skidrow who are also infamous for cracking the Ubisoft always on DRM almost before it came out.

"Lol no proof" isn't the way to go about this. My point goes beyond the DRM simply not stopping piracy. Even if it did 100% stop piracy (which it didn't) the DRM would still be as bad for the games open ethos as ever.

Sorry, but if this cracked version is as "common knowledge" as you make it out to be (which I doubt, I haven't heard a thing about it, and you'd think a game as triple A & Unpopular as this would have that fact trumpeted far and wide) you should have no trouble giving some proof, even if you can't link to pirate/torrent sites.

Either that or you can just join the trash-can of other people who claim a Cracked D3 exists and then either go all quiet when asked for proof or declare that anyone demanding proof is a mindless sheeple not worth arguing with (which conveniently means they don't have to show any proof)

 

[loc978]

Blizzard Defends Always-Online For Diablo III: Reaper of Souls

Lead designer Kevin Martens says people don't remember "how mad they were" that Diablo II had both an online and offline mode.

"I don't think people necessarily remember how mad they themselves were that they had an offline mode and online mode in Diablo II. This will probably be controversial for me to say. People will be like, "I wasn't mad!" But I was there at the time, and then I studied this for a living."

"It sucks when your friend or brother is online and he wants to join this game, but you realize you're an offline character and he's an online character, and there's no way to transfer over because offline characters can be hacked and hex-edited to hell and back, right?" continued Martens, explaining that the company still feels that forcing Diablo III to be online was the right choice.

...that's a load of bullshit... they had a very elegant solution with Diablo 2, anyone outraged by more choices is an idiot. Also, you could play any character with any other character in a LAN or direct connection world (or open battle.net, if you were a masochist), your closed bnet characters were saved on your HDD, all you had to do was copy them into the offline directory, and you'd have two different versions of 'em. That was doubly convenient because you could keep progressing in closed bnet without leaving your buddy behind offline... or if you each progressed independently, copy 'em over again. Easy.

 

[Atmos Duality]

Yes, and an offline mode in the way it is handled in, I'm pretty sure, every other game is detrimental to that security. All you need is in the rest of the thread but I'll give you the gist of it. Basically, giving a would-be hacker access to the whole game(ie. offline mode) allows them to understand how the game works much faster than if they didn't have it. Keeping all that stuff on a secure server means that they are doing guesswork and by the time they stumble upon anything worthwhile the banhammer would be incoming.

You can suggest and imply that having the full game makes it easier to use online hacks all you want, and you will always run headlong into a wall called "ACCESS". Reality in fact, asserts this far better than you ever could.

Going by your logic, World of Warcraft should be an unplayable hackfest at this point, because private WoW servers have been around for almost as long as official WoW has. It's all the same code.

Yet WoW didn't collapse; it's only one of the most financially successful and popular online games in history.

So obviously, having access to the base code isn't enough.
Because if you don't have access to where you can apply modifications to said base code, it's completely useless.

Spoiler: Elaboration

Having the core game might enable hackers to understand how things work, and even formulate a perfect hack in theory, but if they can't defeat the issue of access, it's all for naught.
A master locksmith who made a perfect fake of a key based on the original...for an unreachable vault.

But that doesn't prevent hackers from trying. On occasion they get the access they want to do what they want.
So, what actually allows WoW to remain "legitimate"?

"Access", or more accurately "Access Control" is the fundamental purpose of Policing and Security; Policing and Security is an ongoing process of Prevention and Correction.
(Probe for weakness in Prevention, Correct weakness, improve Prevention. Rest assured, if you don't probe for weaknesses, others will, and they won't be so kind to correct them.)

More simply, it's about the service provider giving enough of a fuck to secure their system internally, regardless of that system's features.

Even Diablo 2 went from an unmitigated hackfest in version 1.09 to a far more stable online environment in 1.10 onward.
It was never perfect, but it was greatly improved. I remember the first Rust Storm, and the mind blowing number of bugged and hacked items that vanished overnight. Entire characters were found NAKED save for their potions, tomes and H-Cube.

And they didn't stop there: What followed were waves of mass-bans. Not thousands, but MILLIONS of accounts and CD-Keys over the course of the next several years for all manner of illicit shit.

Blizzard accomplished that inspite of hackers having access to the multiplayer platform and core game.
Ultimately, it wasn't a significant factor.

In all cases, the "legitimacy" of a server's game environment is only as good as its enforcement, and an Offline mode really has virtually nothing to do with it in practice. What Offline Mode does provide, is a way for the player to continue enjoying the game they paid for in the event the online game goes to shit.

Spoiler: As for the benefits vs drawbacks of Always Online

Going from Diablo 2's Option Model to Diablo 3's Always Online model:

Blizzard has INCREASED the security burden they must bear, and thus the risk to their users.
This was made worse by the fact that Blizzard has advertised to the world that D3 items have real money value, so now EVERYONE who plays D3 is a target for hackers.

(my sister and her fiancee both lost their items and gold to an intrusion back in July '12, and they never even glanced at the AH or the Authenticator nor did they engage in any external websites. It's an ongoing problem outside of D3 in other games with similar MMO-like models. So yes, this issue has precedence and significance.)

People who play offline or in LAN are of no concern to hackers, and they don't contribute to the service burden either.
Meaning, no service blackouts due to overload.

Then there's the obvious problems of service dependency. Diablo 3 requires both Blizzard and the user's ISP to not fuck up in order for D3 to be playable at all, nevermind the issues of lag.

What are the benefits?
MAYBE a better Online experience. That's it. And even that bit was largely ruined by Blizzard's sleazy Auction-House grind-game.

So really: There's no defense for the change to Always Online from the player's perspective, even if you have absolutely no issues with only playing the game online because before, that choice was always available.

D2 let the player choose. D3 does not. D3's model is therefore worse and at the very least Blizzard should stop trying to defend it. End of story.

Either that or you can just join the trash-can of other people who claim a Cracked D3 exists and then either go all quiet when asked for proof or declare that anyone demanding proof is a mindless sheeple not worth arguing with (which conveniently means they don't have to show any proof)

Or maybe they're intelligent enough to realize that providing links to said proof, ie illicit/pirated material on The Escapist is a bannable offense.

 

[Fox12]

So basically Blizzard just doesn't give a shit. Atleast they're being honest about it. I never like them, so it makes no difference to me.


sums up the interview, I think.

 

[Aeshi]

Or maybe they're intelligent enough to realize that providing links to said proof, ie illicit/pirated material on The Escapist is a bannable offense.

And if the crack was some sort of hidden secret (or D3 an obscure game) I might buy that, but said people always seem to make out said Crack to be something whose existence is known by every other person on the planet.

D3 is pretty unpopular thanks to the DRM, so I think if a crack had been made for it then at least ONE "safe to link to" website would've mentioned it by this point, Hell, this very website/forum would probably have had at least one article/thread on it if such a thing actually existed.

I mean when AC2's DRM got cracked it wasn't something only a couple of pirating sites bothered to mention, other sites that you could link to without getting banned mentioned it too, and while I can't remember the precise article, I know the Escapist bothered to mention it.

 

[Atmos Duality]

D3 is pretty unpopular thanks to the DRM, so I think if a crack had been made for it then at least ONE "safe to link to" website would've mentioned it by this point, Hell, this very website/forum would probably have had at least one article/thread on it if such a thing actually existed.

Such an article would have to come from a primary source outside of The Escapist; ie, someone "important" talking about it to give it the usual combination of "newsworthiness" and "plausible deniability" (the "neutral distance" between reporter and subject) that defines "game journalism" today.

As for the subject of such a crack; I don't know for certain.

My policy is to avoid playing games attached to business practices I abhor (which includes pirated copies; I don't play them, so I don't look for them). And given what I've gleaned in casual research, D3 doesn't have a fully functional cracked version yet, but perhaps that's just because I'm not looking hard enough.

Still, I would not expect the sort of "conclusive" proof you want to be presented here unless someone wants to risk mod-wrath.

 

[ObsidianJones_v1legacy]

Blizzard Defends Always-Online For Diablo III: Reaper of Souls

Lead designer Kevin Martens says people don't remember "how mad they were" that Diablo II had both an online and offline mode.

"If someone has no Internet access, then yeah, Diablo III is not the game for them," Diablo III's lead designer Kevin Martens told Rock, Paper, Shotgun [http://www.rockpapershotgun.com/2013/11/13/blizzard-talks-diablo-iiis-new-path-defends-online-req/] in an interview at Blizzcon. Always-online has been the second most controversial feature of the game, and after Blizzard made the decision to remove the most controversial feature (the Auction House), people assumed that always-online may follow. But, Martens again puts his foot down, stating that people don't remember "how mad they were" that Diablo II had both an online and offline mode.

"I don't think people necessarily remember how mad they themselves were that they had an offline mode and online mode in Diablo II. This will probably be controversial for me to say. People will be like, "I wasn't mad!" But I was there at the time, and then I studied this for a living."

"It sucks when your friend or brother is online and he wants to join this game, but you realize you're an offline character and he's an online character, and there's no way to transfer over because offline characters can be hacked and hex-edited to hell and back, right?" continued Martens, explaining that the company still feels that forcing Diablo III to be online was the right choice.

You know what, Kevin? Fair point. That's entirely a good reason to axe that from the game.

I'm going to go talk to 2k games now. They should know that having an offline character and an online character will make people so angry that they won't buy the game.

No, Kevin. Don't worry. I got you. When they mention that Borderlands 2 shipped 7.5 Million Copies [http://www.joystiq.com/2013/10/29/borderlands-2-ships-7-5-million-copies-on-track-to-break-sales/], I'll remind them that you studied this for a living and there's no real viable model that having an offline and online system ever worked or people ever accepted it.

Also, I'll shield your eyes to the fact that people still willing go play Diablo 2 over Diablo 3 [http://us.battle.net/d3/en/forum/topic/8569109606] because they like the experience better than what Blizzard put out.

You studied, Man. You know all, and I got your back. Just a fount of good points...

 

[black_knight1337]

I don't need to PM anything. It's pretty common knowledge that their DRM failed. There were numerous stories on it. Cracking sites created a system of emulated servers that ran on your system to fool the game into thinking you were connected. Sharing pirated material (even via PM) is against the rules on this site. But i can tell you the game was pretty comprehensibly cracked back in 2012 by the outfit Skidrow who are also infamous for cracking the Ubisoft always on DRM almost before it came out.

"Lol no proof" isn't the way to go about this. My point goes beyond the DRM simply not stopping piracy. Even if it did 100% stop piracy (which it didn't) the DRM would still be as bad for the games open ethos as ever.

And "Lol I don't need proof" isn't the way to go about it. You're the one making the claim, you're the one that needs to back it up. And in doing another sweep with what little you gave me to go by there still isn't anything that says it's "comprehensibly cracked". The most I've seen done is Act 1 and I doubt that it's complete and functional like in the actual game. Even presuming it is, that only amounts to 6.25% of the game(ie. to hit the end-game). That's hardly comprehensive and wouldn't even be properly playable unless your happy to farm content your over-levelled for just to get crappy gear. If you actually do have some proof, here is my Steam Id [http://steamcommunity.com/profiles/76561198037491173/].

You can suggest and imply that having the full game makes it easier to use online hacks all you want, and you will always run headlong into a wall called "ACCESS". Reality in fact, asserts this far better than you ever could.

Going by your logic, World of Warcraft should be an unplayable hackfest at this point, because private WoW servers have been around for almost as long as official WoW has. It's all the same code.

Yet WoW didn't collapse; it's only one of the most financially successful and popular online games in history.

So obviously, having access to the base code isn't enough.
Because if you don't have access to where you can apply modifications to said base code, it's completely useless.

Spoiler: Elaboration

Having the core game might enable hackers to understand how things work, and even formulate a perfect hack in theory, but if they can't defeat the issue of access, it's all for naught.
A master locksmith who made a perfect fake of a key based on the original...for an unreachable vault.

But that doesn't prevent hackers from trying. On occasion they get the access they want to do what they want.
So, what actually allows WoW to remain "legitimate"?

"Access", or more accurately "Access Control" is the fundamental purpose of Policing and Security; Policing and Security is an ongoing process of Prevention and Correction.
(Probe for weakness in Prevention, Correct weakness, improve Prevention. Rest assured, if you don't probe for weaknesses, others will, and they won't be so kind to correct them.)

More simply, it's about the service provider giving enough of a fuck to secure their system internally, regardless of that system's features.

Even Diablo 2 went from an unmitigated hackfest in version 1.09 to a far more stable online environment in 1.10 onward.
It was never perfect, but it was greatly improved. I remember the first Rust Storm, and the mind blowing number of bugged and hacked items that vanished overnight. Entire characters were found NAKED save for their potions, tomes and H-Cube.

And they didn't stop there: What followed were waves of mass-bans. Not thousands, but MILLIONS of accounts and CD-Keys over the course of the next several years for all manner of illicit shit.

Blizzard accomplished that inspite of hackers having access to the multiplayer platform and core game.
Ultimately, it wasn't a significant factor.

In all cases, the "legitimacy" of a server's game environment is only as good as its enforcement, and an Offline mode really has virtually nothing to do with it in practice. What Offline Mode does provide, is a way for the player to continue enjoying the game they paid for in the event the online game goes to shit.

Like I said to someone else earlier. This isn't a very common form of hacking, the kind of thing you're talking about only happens to inadequately protected servers. Blizzard's servers are far from that kind of vulnerability. I doubt I can get away with any specifics of it but, like the other user, I'll point you towards packets.

Blizzard has INCREASED the security burden they must bear, and thus the risk to their users.
This was made worse by the fact that Blizzard has advertised to the world that D3 items have real money value, so now EVERYONE who plays D3 is a target for hackers.

(my sister and her fiancee both lost their items and gold to an intrusion back in July '12, and they never even glanced at the AH or the Authenticator nor did they engage in any external websites. It's an ongoing problem outside of D3 in other games with similar MMO-like models. So yes, this issue has precedence and significance.)

A vast majority of hackings like this aren't caused by the developers. They are caused by things as simple as using the same password on another site. If that site has a breach then they've got everything they need to get into your b.net account. Then there's also people that fall for scams, getting emails from people claiming to be Blizzard asking for account details or sending you to a site to get you to log in. Now I'm not saying that your sister and her fiancee were hacked because of those things, for all we know Blizzard could have had their security breached. Only thing with that though is why weren't the high profile players targeted? I mean, they'd give the most profit.

And at least when these situations do occur, Blizzard are quick to get on top of it and make it like it never even happened.

People who play offline or in LAN are of no concern to hackers, and they don't contribute to the service burden either.
Meaning, no service blackouts due to overload.

Fair enough. Servers getting overloaded only happens on launches though. I know it's not ideal but surely you can find something else to do for a few hours.

Then there's the obvious problems of service dependency. Diablo 3 requires both Blizzard and the user's ISP to not fuck up in order for D3 to be playable at all, nevermind the issues of lag.

That's fair enough and I'm sure it would be a major issue for people still using dial-up. But like I've said before, I live in Australia, in an area that is considered by ISPs to be 'regional'. I use mobile broadband, infamous for it's inconsistencies. And to top it all off I'm lucky if I have an average download speed of 10kB/s. If I can clear all of the content solo with all that, then surely almost(I say almost because there's always someone worse off) everyone else should be able to.

What are the benefits?
MAYBE a better Online experience. That's it. And even that bit was largely ruined by Blizzard's sleazy Auction-House grind-game.

So really: There's no defense for the change to Always Online from the player's perspective, even if you have absolutely no issues with only playing the game online because before, that choice was always available.

D2 let the player choose. D3 does not. D3's model is therefore worse and at the very least Blizzard should stop trying to defend it. End of story.

For the user there's a greater online security and seamless integration of social features(multiplayer, clans, groups etc).
For Blizzard there's greater control over what happens in game, hotfixes are easier to apply and less worry of piracy hurting profits.

And yeah, having the choice is always better than not but it's easy to see the logic that was used in their decision. And ultimately, it didn't hurt the game all that much because statistics showed that the retention rate was only marginally lower than what it was for Diablo 2 after the same amount of time. And considering the change in the industry since then, that's to be expected.

 

[Vylox]

Diablo 2 did this, it was also filled with hacks. The hacks I'm talking about aren't hex editors and the like that edit you character's stats. They are stuff like map hacks, making your movement become teleports, duping, forcing people to drop their gear etc.

I played D2 consistently up until last year, and there was this nifty thing called a "rust storm", it was a small snippet of code that ran upon game creation, only on ladder, that would scan the database very quickly to detect dupes and hacks. It was implemented in 1.08.4 of LoD.
Map hack was a specific hack that allowed a player to see the whole map. And that was it.
Movement like teleport was part of a piece of equipment, specifically the runeword Enigma. I understand that there was a working hack to accomplish this, but under most circumstances it wouldn't be used much or often as the hack itself was reported to cause additional lag when being used.
Forcing people to drop gear happened anyway, when players would load up their inventories with charms and the like, it would prevent them from claiming their bodies after deaths from PvP. It was also a common occurrence for EVERY SINGLE Hard Mode character.

The thing about the ladder seasons for D2, is they didn't track PvP at all, but instead tracked experience gain and level progress.

The only real issue for D2 after 1.08.4 were the plethora of bots, which wasn't much of an issue anyhow as the majority of them welcomed more players in their games for increased drop rates, many would also automatically accept party requests and put up TPs so that lower level players could come to the area they were in and kill/gain exp and collect loot. Though a lot of them had lines that asked for others to not attack, but the drops were free game as were gaining essentially free experience from Diablo and Baal runs.

I know for a fact that there are players running bots for D3, as you can get them easily (Google search lists more than a dozen) and they aren't very difficult to create anyway.

I feel that I need to enlighten you about coding.
The difference in handling something server-side only and locally, for the same game, only requires variable modulation. A competent programmer can do this now relatively easily. The hypothetical offline code that is stored on your PC would use a different set of array variables, or an array itself, while the online only version could use a private class structure without bothering to use an array of stored values, or it could use a different set of arrays/function to access. Meaning that the code you have stored on your computer would differ from the online code by about 10%. Which can easily be handled by copy/paste and then changing a few key functions and variables. This would not cause development costs to "skyrocket", and would likely not increase said costs more than what it would cost to employ a competent programmer for a week.

And please remember that Diablo 3 was in production for basically 10 years. There was plenty of time to actually work out a viable way of making a single player game into an actual single player game, instead of a MMO

As for adding and innovation... Yup D3 added and innovated, then removed the auction house feature because it was broken.

 

[Strazdas]

Yeah, many people missed tibia. At its peak it had a record of less than 65.000 players online at the same time so it wasnt that known. Ultima is much more famous, and msot people think that is the first graphical MMO, when in fact Tibia has beat it by couple months.
I have heard good things about Mu but never tried myself.

It was a very pretty MMO at the time, and it had a good range of skills, mounts and wings to choose from. The only thing is the game only had a couple of quests and it was centered around team work and shopping. It took me ages to get to level 200.

Anyway, after the first year they were hacked completely and unfortunately many peoples accounts were broken into and lost a fair amount of items. After that though, they really made the rules strict as hell and my friend was just trying to use this basic hack to triple his damage and they cut him after 2 hours! I was the only one with him so I don't how it happened. I noticed some other people trying to dupe and what not, but it just all disappeared after that and I never saw any hackers again.

Tibia was slow at the beginning too. Though hacks you decribe.... sunds like huge gaps in the games programming. duping items, triple damage, yeah, no decently programmed online game would allow you to get with that, it simply wouldnt work since server decide damage done. Or well it should anyway. something as blatant as teling server your damage is 3 times larger than it actually is is obviously going to raise red flags.

Yes, at it's most basic that is what a map hack is but they typically include more features like enemy locations, chest locations etc. But no, that shouldn't be a basic feature. One of the cornerstones of the genre is the way it randomises the environment which keeps you on your toes because you don't know what is around each corner. Having the whole map revealed all the time removes this almost completely.

And how is that different to, say, having a website with a map open on screen 2?
Or the maps are randomly generated? If they are, they are generated on the server then, which means the server can simply deny the client acess to parts of the map the player "cant see". Make information available only on X distance from player and you solved the problem.

You're right, that wouldn't affect production costs that much. However, that compromises security for the online portion because a copy of the server is stored locally.

Only if your online portion is badly coded to begin with. Seriuosly, you should never leave holes so big that anyone randomly piking the data sent to server may hack into it from there. I understand that its never possible to completely be hack free, but that will be true offline mode or no offline mode. and if you rely on your ability to catch and ban a person before he figures out the fault in your system because you didnt code the online mode safely then i would never trust such company with anything. Its like not running from a bear in the forest because you hope someone will distract him before he reaches you.

So you bring pirating in which isn't all that relevant. If you need to cite hacks to provide evidence of hack-free games then you're doing something wrong.

So we got exmples of hack-free MMOs, that can be played offline (with cracks, private servers), and this does not compromise the actual online security. Pirates are relevant in this case because they are usually the ones having to do that work company was too lazy to do to make the game work without online checks and needing to insert discs and all that crap.

Modifying server code isn't the only way you can hack and is in fact one of the rarer forms. I don't think the mods would appreciate it if I went into to much detail so I'll just point you towards packets.

But its easy to protect yourself against packets problems. packet is unknown/not what it should be? automatically reject it. Sure people with internet that looses packets on the way may suffer, but that is the blame on thier ISPs and not the game company. People that are actually hacking, will do so offline mode or no offline mode. people who gain ability to hack due to offline mode are easy to fend off if online mode is properly programmed.

Not into, because there would be different security measures there. But I'll point you at the bit above, that's the main thing. And it's a simple concept, if you have easy access to the software then it becomes significantly easier to hack. This is because you can test different methods and immediately see what they do with no risks whatsoever. If they don't have it locally then they have to do all that online. By doing it online, the developers of the software will be aware of what they are doing and before they can make significant headway they can cut off their access.

This stuff doesn't just apply to games, it applies to all forms of computer security. The more you can hide from would-be hackers, the securer your system will be.

Fair enough, you have a point here.
The question however is, if it is worth sacrificing an offline mode for. And the answer is... subjective.

Correct, to provide an offline mode without compromising the online mode they would need to code it in a completely different way. The thing is though, is that Blizzard are a business just like everyone else. Doing that for the PC version would add a considerable amount to the development costs because they'd effectively be making two games but selling them as one. This kind of change is fine for console versions because they are recoding it once and selling it once.

GTA5 did it, although no PC version yet.

No offence but this is one of the dumbest things I've heard in relation to this debate. Diablo III is not an MMO. The game has been cracked. It is available 100% offline and has been pretty much since it came out. Once the game is cracked any would be 'hacker' has full access anyway. You act like the game is some kind of secure, bank like trading environment or a very competitive multiplayer environment. It is neither. It's an old fashioned co-op RPG. Modifying your characters is the basis of many games like this once you reach endgame. Hell as I've already said Runic games gave everyone access to the console commands to test out items/builds/mods at their leisure.

All of these hypothetical non-problems stem from one thing. The real money auction house. A problem Blizzard created themselves and one that no longer exists.

Wrong on two occasions:
Diablo is an MMO. It works like a MMO.
DIablo has been cracked, true. The craced version is one of the late beta versions and is not identical to final version. No further versions or patches were cracked as far as i know and that kinda makes it special, since it is the first game that wasnt fully cracked like that.

The core group that was working on it have either abandoned it or gone private".

To the best of my knowledge, which granted isnt inside knowledge but from what i could gather from the outside, Skidrow abandoned it becuase they thought it wasnt worth bothering.

Sorry, but if this cracked version is as "common knowledge" as you make it out to be (which I doubt, I haven't heard a thing about it, and you'd think a game as triple A & Unpopular as this would have that fact trumpeted far and wide) you should have no trouble giving some proof, even if you can't link to pirate/torrent sites.

Either that or you can just join the trash-can of other people who claim a Cracked D3 exists and then either go all quiet when asked for proof or declare that anyone demanding proof is a mindless sheeple not worth arguing with (which conveniently means they don't have to show any proof)

You are aware that escapists rules does not allow him to provide proof, right?
And it WAS trumpeted far and wide, back when the game was cracked, which is a year ago. Of course not everyone know about it, not everyone know about anything. People who follow such things however knew. And the trumpeting thing is really pointless since every triple A game gets cracked you know. So if all of them trumpeted it all we would hear is cacophone of "i got cracked".

 

[Atmos Duality]

Like I said to someone else earlier. This isn't a very common form of hacking, the kind of thing you're talking about only happens to inadequately protected servers. Blizzard's servers are far from that kind of vulnerability. I doubt I can get away with any specifics of it but, like the other user, I'll point you towards packets.

I'll leave that discussion to someone with more experience in the matter. I'm fairly familiar with packet sniffing and crafting, but not much for deciphering or reverse engineering networking.

A vast majority of hackings like this aren't caused by the developers. They are caused by things as simple as using the same password on another site.

I know how scam sites and keyloggers operate.
And I assure you, that was definitely not the cause of their accounts being drained.

Only thing with that though is why weren't the high profile players targeted? I mean, they'd give the most profit.

It would take a fair bit of data mining on their part to determine the high rollers, and who just was incidentally lucky.
Unless there's a LoLking or other such character catalog site for D3.

In the absence of that, it's far better to go for the heart and grab as many accounts as possible to drain at once.

And at least when these situations do occur, Blizzard are quick to get on top of it and make it like it never even happened.

Fair enough. Servers getting overloaded only happens on launches though. I know it's not ideal but surely you can find something else to do for a few hours.

From what I saw from my sister etc, Diablo 3 was unplayable for the better part of the first two weeks on my ISP.

That's fair enough and I'm sure it would be a major issue for people still using dial-up. But like I've said before, I live in Australia, in an area that is considered by ISPs to be 'regional'. I use mobile broadband, infamous for it's inconsistencies. And to top it all off I'm lucky if I have an average download speed of 10kB/s. If I can clear all of the content solo with all that, then surely almost(I say almost because there's always someone worse off) everyone else should be able to.

I'm on DSL, and even though the average upstream and downstream is a good shade better than that, my ISP is a colossal dick and loves to throttle the speeds at the worst times or just outright hates certain games and systems (I have weird issues with League of Legends that I don't experience on my University or work connection) and Bnet 2 is one of those problematic systems.

I stopped bothering with that after dropping on freaking BOT games in Starcraft 2. Seriously.

For the user there's a greater online security and seamless integration of social features(multiplayer, clans, groups etc).

See, I've never seen the necessity for that. Steam has clan and social media integrated directly into the client, and yet none of it requires the games to be Always Online.

For Blizzard there's greater control over what happens in game, hotfixes are easier to apply and less worry of piracy hurting profits.

Aye..I've elaborated at great length exactly how this system benefits Blizzard back before D3 released.

Though I will add that while I respect their desire to protect their revenue from piracy, I still take issue with their more blunt attempts to exploit their playerbase, and definitely their puzzling attempts at trying to defend always online with nonsense.

And yeah, having the choice is always better than not but it's easy to see the logic that was used in their decision. And ultimately, it didn't hurt the game all that much because statistics showed that the retention rate was only marginally lower than what it was for Diablo 2 after the same amount of time.

Sorry, even if you provided those stats, I would question their relevance.

First, Diablo 3 is only a year and a half out. Diablo 2 is nearly 13 years old. Statistical analysis becomes more accurate with more data. Even then, the picture for D3 isn't so rosy. Blizzard stopped posting population queues for D3, probably because the numbers are frankly embarassing. They may be selling tons of copies, but few people are actually sticking with the game. (best I can tell: monthly attach rates are at most 20%, and very likely much lower than that)

Second, comparing populations would be sketchy since target demographics has changed. In 2000 and 2001 I'd I seriously doubt the proportion of people who played online is fair representation of everyone that played Diablo 2.
Going back to attach rates, because D3 is always online, that's the true proportion of people that are still playing, whereas Diablo 2, well let people play offline.

(I will add that Diablo 2 had one of the longest shelf lives for a game I've ever seen. People were still buying it in retail at least through 2010 even as the online population flagged and waned.)

I dunno. Everything about Blizzard's new attitude towards their customers and how they've handled Diablo 3 just leaves a bad taste in my mouth. They used to be -the- standard for PC gaming, and now they've become the proponent of some of its worst schemes.

 

[Jack Nief]

You know there was this game which came out a while back. Neverwinter Nights. It had an offline mode, and an online mode. The online format came in two forms, Server Vault, and Local Vault. Server Vault characters were basically characters stored in the server you joined, and could not be directly altered save through administrative request. Local Vault was characters from your own machine, player-made items and all.

For the creation of Local Vault games, there was a box which said 'Enforce Legal Characters.' If a character's stats didn't 'match' its progression, for example, too many or too few skill points, hitpoints, or a nonvalid player race, that character could not enter. When this box was not checked, you could have an outsider raced character with 56000 hitpoints, 99 ability points, and 60 levels of sorcerer, paladin and rogue... though if you played with ELC turned off, you're basically asking for that to begin with. When its enforced, yeah, there's people that still get illegitimate stuff in, and their removal was largely up to the ones in charge of the server. Boots, bans, password protections, etc.

For Server vault, This was largely a minimal concern, due to the fact the character they played was stored on the host network, which meant they could not change or alter their character through an outside source, and so make them such a race, stat-beast, or whatever. Illegitimate characters were a significantly smaller problem, and was kept track of by the ones in charge of the server.

Offline, Open Online, and Closed Online. That's the best setup there is. Blizzard should look into adding it into their games.

...

...Except they did, back when they made Diablo II, which had an offline singleplayer, Open Battle.net and regular, closed Battle.net. SP and Open Battle.net could be used interchangeably, but regular Battle.net had your character stored in Blizzard's network. My question is, why the HELL were people mad about this? It was a setup that worked!

Long Story Short: Offline, Closed Online and Open Online was a good idea and other games went with it too because it worked.

 

[black_knight1337]

Spoiler: For Vylox

I played D2 consistently up until last year, and there was this nifty thing called a "rust storm", it was a small snippet of code that ran upon game creation, only on ladder, that would scan the database very quickly to detect dupes and hacks. It was implemented in 1.08.4 of LoD.
Map hack was a specific hack that allowed a player to see the whole map. And that was it.
Movement like teleport was part of a piece of equipment, specifically the runeword Enigma. I understand that there was a working hack to accomplish this, but under most circumstances it wouldn't be used much or often as the hack itself was reported to cause additional lag when being used.
Forcing people to drop gear happened anyway, when players would load up their inventories with charms and the like, it would prevent them from claiming their bodies after deaths from PvP. It was also a common occurrence for EVERY SINGLE Hard Mode character.

I still play D2 every now and then, I'm well aware of its history. The 'rust storm' was a pretty big thing which hit with 1.10 purging their database of all dupes. At the same time they updated Warden to scan for dupes when you make a game. Problem is though that duping is still going on, there's nothing stopping people creating long term trading games for them.

The thing about the ladder seasons for D2, is they didn't track PvP at all, but instead tracked experience gain and level progress.

While PvP wasn't officially tracked, there was still a lot of people who took it very seriously. As far as to host tournaments of various degrees.

The only real issue for D2 after 1.08.4 were the plethora of bots, which wasn't much of an issue anyhow as the majority of them welcomed more players in their games for increased drop rates, many would also automatically accept party requests and put up TPs so that lower level players could come to the area they were in and kill/gain exp and collect loot. Though a lot of them had lines that asked for others to not attack, but the drops were free game as were gaining essentially free experience from Diablo and Baal runs.

I know for a fact that there are players running bots for D3, as you can get them easily (Google search lists more than a dozen) and they aren't very difficult to create anyway.

Bots undermine the economy, which doesn't help anyone. And of course there are bots for D3, I never said there weren't. Pretty much every game can have/has bots, the best you can do is monitor users and ban when they look like bots.

I feel that I need to enlighten you about coding.
The difference in handling something server-side only and locally, for the same game, only requires variable modulation. A competent programmer can do this now relatively easily. The hypothetical offline code that is stored on your PC would use a different set of array variables, or an array itself, while the online only version could use a private class structure without bothering to use an array of stored values, or it could use a different set of arrays/function to access. Meaning that the code you have stored on your computer would differ from the online code by about 10%. Which can easily be handled by copy/paste and then changing a few key functions and variables. This would not cause development costs to "skyrocket", and would likely not increase said costs more than what it would cost to employ a competent programmer for a week.

It requires quite a bit more than just switching up the variables. What having an offline mode in the way it is usually done(background server) does is allow would-be hackers to find the weak points in the system. Modulating the variables doesn't help all that much in this regard. The would-be hacker would find said weak points, develop a way to exploit them and then apply that to the main server. Variable modulation would slow them down, but it would hardly prevent it. For it to be garunteed to work they would need to restructure the whole game so the weak points found offline can't be applied online because they don't exist. Of course other weak points would appear but that would go back to what I said about tracking.

As for adding and innovation... Yup D3 added and innovated, then removed the auction house feature because it was broken.

Not sure how that's a counter for much at all. The addition of the auction house wasn't the only thing changed.

Spoiler: For Stazdas

And how is that different to, say, having a website with a map open on screen 2?
Or the maps are randomly generated? If they are, they are generated on the server then, which means the server can simply deny the client acess to parts of the map the player "cant see". Make information available only on X distance from player and you solved the problem.

Yes they are randomly generated. Like I said before the typical offline mode(ie. local server) would give would-be hackers the means to see how these things work. If they know how they work then it becomes that much easier to hack.

Only if your online portion is badly coded to begin with. Seriuosly, you should never leave holes so big that anyone randomly piking the data sent to server may hack into it from there. I understand that its never possible to completely be hack free, but that will be true offline mode or no offline mode. and if you rely on your ability to catch and ban a person before he figures out the fault in your system because you didnt code the online mode safely then i would never trust such company with anything. Its like not running from a bear in the forest because you hope someone will distract him before he reaches you.

Yes, either way there will always be parts vulnerable to hacks. What I've been saying though is that if you deliver offline mode in the typical way then would-be hackers would be able to find the vulnerabilities in a no risk environment. Pure online means that while they are poking around looking for holes Blizzard can spot them and subsequently ban them.

So we got exmples of hack-free MMOs, that can be played offline (with cracks, private servers), and this does not compromise the actual online security. Pirates are relevant in this case because they are usually the ones having to do that work company was too lazy to do to make the game work without online checks and needing to insert discs and all that crap.

Like I said, you are bringing in what amounts to a hack as evidence for there being no hacks. And as for there actually being hacks for WoW, you're kidding yourself if you think there aren't.

But its easy to protect yourself against packets problems. packet is unknown/not what it should be? automatically reject it. Sure people with internet that looses packets on the way may suffer, but that is the blame on thier ISPs and not the game company. People that are actually hacking, will do so offline mode or no offline mode. people who gain ability to hack due to offline mode are easy to fend off if online mode is properly programmed.

And yet that is how most hacking gets done. The typical offline mode would let them find out how to change it in such a way that it does get accepted.

Fair enough, you have a point here.
The question however is, if it is worth sacrificing an offline mode for. And the answer is... subjective.

Yup, if it wasn't there wouldn't be ~2 years of discussions on it.

GTA5 did it, although no PC version yet.

I'm not at all sure how that is even remotely relevant.

To the best of my knowledge, which granted isnt inside knowledge but from what i could gather from the outside, Skidrow abandoned it becuase they thought it wasnt worth bothering.

Actually, I'm not referring to the Skidrow one.

Spoiler: For Atmos Duality

It would take a fair bit of data mining on their part to determine the high rollers, and who just was incidentally lucky.
Unless there's a LoLking or other such character catalog site for D3.

In the absence of that, it's far better to go for the heart and grab as many accounts as possible to drain at once.

There are trackers around, the major one being diabloprogress. And the D3 site itself lets you view anyone's profile as well. I get that they'd try to hit as many as possible rather than do it targeted but surely they'd be able to have another program running at the same time searching for specific accounts.

From what I saw from my sister etc, Diablo 3 was unplayable for the better part of the first two weeks on my ISP.

I can only talk from my own experiences but by the time I got home launch day it was fine for me. The time zone differences from here to the US would probably be why. Can't say why there would of been that ~2 week delay for your sister though, might of been some issues with the ISP as well.

I'm on DSL, and even though the average upstream and downstream is a good shade better than that, my ISP is a colossal dick and loves to throttle the speeds at the worst times or just outright hates certain games and systems (I have weird issues with League of Legends that I don't experience on my University or work connection) and Bnet 2 is one of those problematic systems.

I stopped bothering with that after dropping on freaking BOT games in Starcraft 2. Seriously.

Yeah, your ISP can be a big variable for these kind of things because ultimately it's up to them what route your connection takes.

See, I've never seen the necessity for that. Steam has clan and social media integrated directly into the client, and yet none of it requires the games to be Always Online.

Fair enough and Steam is a bit different. It's fine outside of the game but in-game there's not a lot that those features actually do. And even then, very few games actually take advantage of it, the only one that comes to mind is Portal 2.

Aye..I've elaborated at great length exactly how this system benefits Blizzard back before D3 released.

Though I will add that while I respect their desire to protect their revenue from piracy, I still take issue with their more blunt attempts to exploit their playerbase, and definitely their puzzling attempts at trying to defend always online with nonsense.

Heh, yeah, they really screwed up the PR on it. I have and do defend it to an extent but their reasons like the one in this thread just make little to no sense. They should have come out early on and just straight out said 'this is why we're doing it'. At least then it wouldn't constantly be a hot topic for interviews.

First, Diablo 3 is only a year and a half out. Diablo 2 is nearly 13 years old. Statistical analysis becomes more accurate with more data. Even then, the picture for D3 isn't so rosy. Blizzard stopped posting population queues for D3, probably because the numbers are frankly embarassing. They may be selling tons of copies, but few people are actually sticking with the game. (best I can tell: monthly attach rates are at most 20%, and very likely much lower than that)

Second, comparing populations would be sketchy since target demographics has changed. In 2000 and 2001 I'd I seriously doubt the proportion of people who played online is fair representation of everyone that played Diablo 2.
Going back to attach rates, because D3 is always online, that's the true proportion of people that are still playing, whereas Diablo 2, well let people play offline.

Here's what figures I'm going by. Firstly, we have only two numbers for how D3 is/was going. The first being the 12.6 million sales, the second being 3 million active after ~1 year. As for D2 figures, from a seemingly reliable source which cites Blizzard for their figures they had D2 at 4.2 million sales and then they have the sales for LoD(which was release ~1 year later) at 1.2 million. So D3 retention rate would be ~24% while D2's would be ~29%. And it could argued that that difference is thanks to so called "casual" players ie. people that don't even finish the game. Of course those figures could be miles of the mark but that's all we've got to go on. The interesting thing will be to see how the sales for RoS go.

(I will add that Diablo 2 had one of the longest shelf lives for a game I've ever seen. People were still buying it in retail at least through 2010 even as the online population flagged and waned.)

Yeah, that can be said for most of Blizzard's games. I still see copies of both D2 and SC1 sold at my local games shop.

 

[Atmos Duality]

There are trackers around, the major one being diabloprogress. And the D3 site itself lets you view anyone's profile as well. I get that they'd try to hit as many as possible rather than do it targeted but surely they'd be able to have another program running at the same time searching for specific accounts.

Well, this certainly proves that Blizzard is even more foolish than I thought by providing that data to the world.

I can only talk from my own experiences but by the time I got home launch day it was fine for me. The time zone differences from here to the US would probably be why. Can't say why there would of been that ~2 week delay for your sister though, might of been some issues with the ISP as well.

I live in the Chicago region, which is strike one admittedly because well, not a coast.
Strike two is that the ISPs around here are colossal fucking dicks who have carved up their regions and agreed to barely, if ever compete.

So, when I say that she couldn't play for two weeks, it's not entirely accurate by a technicality but quite accurate in practicality.

If she was lucky, could hit the character screen, load into the game, and then play for maybe a few minutes before it would time out, or freaky shit started happening.

I really do miss the days when Blizzard North was around since they operated pretty close to our region; we would still have to choose between East and West regions, but they must have had some proxy servers or such set up because even on dial-up it was pretty smooth for the most part.

Fair enough and Steam is a bit different. It's fine outside of the game but in-game there's not a lot that those features actually do. And even then, very few games actually take advantage of it, the only one that comes to mind is Portal 2.

Every Valve game has that (DotA2, Left4Dead 1&2), though looking down my list I can find.

Borderlands 2
Orcs Must Die 2
Torchlight 2
Saints Row the 3rd

(I think Killing Floor may have it too, but I haven't been able to test that)

Heh, yeah, they really screwed up the PR on it. I have and do defend it to an extent but their reasons like the one in this thread just make little to no sense. They should have come out early on and just straight out said 'this is why we're doing it'. At least then it wouldn't constantly be a hot topic for interviews.

I really want to know what they're hoping to accomplish with this. OK, the casual gamer might not be entirely privy to how things work, but they aren't the dissenters to address over Always Online; it's the core crowd.

Here's what figures I'm going by. Firstly, we have only two numbers for how D3 is/was going. The first being the 12.6 million sales, the second being 3 million active after ~1 year. As for D2 figures, from a seemingly reliable source which cites Blizzard for their figures they had D2 at 4.2 million sales and then they have the sales for LoD(which was release ~1 year later) at 1.2 million. So D3 retention rate would be ~24% while D2's would be ~29%. And it could argued that that difference is thanks to so called "casual" players ie. people that don't even finish the game. Of course those figures could be miles of the mark but that's all we've got to go on. The interesting thing will be to see how the sales for RoS go.

3 million a month probably isn't true today. Interpolated onto 14 million sales yields an attach rate of 20%.
It's not terribly accurate, I realize, but that was the last time Blizzard issued numbers for their online population.

They apparently implemented the /whois function from Diablo 2 into D3 only to disable it from what I could find.
The only reason for doing this is that they're afraid to show just how bad the attach rate is (probably to hide that figure from shareholders, because what does Blizzard fear from snarky nobodies like me on the net?) in a game that was banking on a high attach rate like WoW.

Also, what I've been finding reading through forums and Xfire usage, suggests that their usage numbers might be padded to hell with botters by now.

Still, you're right in that Reaper of Souls will be the real teller.

Now if you excuse me, I have to take shelter from a bloody tornado (no, I am not joking; the sirens are going off. What timing).

 

[Yuuki]

D3 on consoles has an offline mode with no BattleNet sign-in required. Therefore every reason Blizzard have given for PC being always-online is lies and bullshit (I mean more than it already was).

Actually I don't even think Blizzard are trying to give reasons anymore, "we didn't make that game" roughly translates to "because we said so, now fuck off".

 

[Edl01]

Diablo 3 is the reason I have an Anti-DRM policy. If a game has DRM like Sim City then I won't buy it.
And I realise how ironic that is when Steam is basically DRM, but the difference with Steam is that the amount of advantages I get from using it out-weigh the negative impact of the DRM. Name 1 advantage Diablo or Sim City get from being Always Online.

 

[Stublore]

By this devs logic we should the removal of always on, afterall it caused players quite a lot of concern and apparently good ole Blizz listens to their users and wants to only improve their gameplaying experience .