Blizzard Sued Over Battle.net Authenticators

[MeltedGeneral]

There is a free iOS and Android authenticator app made by Blizzard which you link it to your account so I don't see why they are suing over requiring to pay more to secure their data. It does the exact same thing the physical ones do.

http://itunes.apple.com/au/app/battle.net-mobile-authenticator/id306862897?mt=8
https://play.google.com/store/apps/details?id=com.blizzard.bma&hl=en

The only ones who should be crying are the ones without an Android or iOS device.

There's also a Battle.net Authenticator for Windows Phone 7 and BlackBerry made by Blizzard.
http://www.windowsphone.com/en-us/store/app/battle-net-authenticator/1347bbfb-bca2-e011-986b-78e7d1fa76f8
https://appworld.blackberry.com/webstore/content/13011/

 

[Evil Smurf]

I am glad there are still companies you can class-action lawsuit still.

 

[Ranorak]

So you have to buy an expensive smartphone to be able to use the FREE authenticator. If you don't have a smartphone you have to buy the authenticator and don't claim the thing is optional, I had my account compromised once too and it's the only account I have ever had compromised.

I would say that the authenticators really are needed and they aren't really free.

It IS optional.
Like it or not, the "hack" is ALWAYS on the users end.
Can you 100% prevent it, no. Is it somehow blizzard's fault, No!

Most "hacks" are viruses or malware that log your login details from YOUR Pc.
These are usually from:
* WoW related sites (most of the time the site is unaware of this)
*giving your details to goldbuy/sell websites.
*phising mails like the one described above.

The last 2 is just user stupidity, the first one is the hardest to protect yourself against, but AGAIN, it's all on the client side.

Blizzard is selling the authenticators (or FREE apps) to provide with a added layer of security.
Like an additional lock on a door.
They sell these for 10 euro with 0 profit, and (if this still applies, it did when I bought one) you get a free in-game pet who are for sale at 10 euro as well.

This is an open and shut case.
Blizzard provides almost free additional locks for your door, if you leave them open, don't sue the locksmith.

 

[INVALIDUSERNAME]

"Do you allow your customers to use case sensitive passwords, Blizzard?"
"...Well...you see, your Honor...we kinda don't...but-!"
"Guilty!"

Just make passwords case sensitive.
Why the BALLS aren't the passwords for battle.net accounts case sensitive? WHAT KIND OF ARCHAIC HOOPLAH IS THAT!?

 

[RicoADF]

I really don't see how it's the customer's fault if a hack occurs. If Blizzard insists that everyone who plays Diablo 3 has to make an account and be online/connected to their servers, doesn't it fall on them to ensure that their players' information is safe? If they are going to make it mandatory that I give them personal information, they damn well better be taking steps to secure the information on their end, because this kind of shit happens no matter what your password is if someone straight up hacks battle.net.

This suit is valid. Blizzard does not warn or advise anyone that their account isn't "truly" secure unless they have a smartphone or give them 6 bucks for a USB stick. They didn't make it at all clear before this that you can't use the RMAH unless you have a smartphone or give them 6 bucks. This suit is about Blizzard pushing the cost of one of their duties down to the consumer and profiting off of it. Please stop accepting this kind of crap and thinking it's totally cool. Nobody should demand personal information and refuse to keep it secure unless unspoken conditions are met.

I agree 100%, if their going to be storing our personal details then they should be required to offer the keys for free to those that don't have smart phones. Just because smart phones are getting common doesn't mean everyone has one.

 

[Pyrian]

...So it's perfectly okay for the game to require that you own a freakin' computer and, if online, an internet connection, but a $10 dongle or free App for existing wireless device is out of line?

 

[Epona]

So you have to buy an expensive smartphone to be able to use the FREE authenticator. If you don't have a smartphone you have to buy the authenticator and don't claim the thing is optional, I had my account compromised once too and it's the only account I have ever had compromised.

I would say that the authenticators really are needed and they aren't really free.

It IS optional.
Like it or not, the "hack" is ALWAYS on the users end.
Can you 100% prevent it, no. Is it somehow blizzard's fault, No!

Most "hacks" are viruses or malware that log your login details from YOUR Pc.
These are usually from:
* WoW related sites (most of the time the site is unaware of this)
*giving your details to goldbuy/sell websites.
*phising mails like the one described above.

The last 2 is just user stupidity, the first one is the hardest to protect yourself against, but AGAIN, it's all on the client side.

Blizzard is selling the authenticators (or FREE apps) to provide with a added layer of security.
Like an additional lock on a door.
They sell these for 10 euro with 0 profit, and (if this still applies, it did when I bought one) you get a free in-game pet who are for sale at 10 euro as well.

This is an open and shut case.
Blizzard provides almost free additional locks for your door, if you leave them open, don't sue the locksmith.

It's interesting that no other online account I have ever had needed the extra security of an authenticator.

 

[Ranorak]

So you have to buy an expensive smartphone to be able to use the FREE authenticator. If you don't have a smartphone you have to buy the authenticator and don't claim the thing is optional, I had my account compromised once too and it's the only account I have ever had compromised.

I would say that the authenticators really are needed and they aren't really free.

It IS optional.
Like it or not, the "hack" is ALWAYS on the users end.
Can you 100% prevent it, no. Is it somehow blizzard's fault, No!

Most "hacks" are viruses or malware that log your login details from YOUR Pc.
These are usually from:
* WoW related sites (most of the time the site is unaware of this)
*giving your details to goldbuy/sell websites.
*phising mails like the one described above.

The last 2 is just user stupidity, the first one is the hardest to protect yourself against, but AGAIN, it's all on the client side.

Blizzard is selling the authenticators (or FREE apps) to provide with a added layer of security.
Like an additional lock on a door.
They sell these for 10 euro with 0 profit, and (if this still applies, it did when I bought one) you get a free in-game pet who are for sale at 10 euro as well.

This is an open and shut case.
Blizzard provides almost free additional locks for your door, if you leave them open, don't sue the locksmith.

It's interesting that no other online account I have ever had needed the extra security of an authenticator.

Of course not, WoW is huge, why pick other (smaller) markets when there is the behemoth called Blizzard.

Big company, lots of vultures.

 

[Shaidz]

I really don't see how it's the customer's fault if a hack occurs. If Blizzard insists that everyone who plays Diablo 3 has to make an account and be online/connected to their servers, doesn't it fall on them to ensure that their players' information is safe? If they are going to make it mandatory that I give them personal information, they damn well better be taking steps to secure the information on their end, because this kind of shit happens no matter what your password is if someone straight up hacks battle.net.

This suit is valid. Blizzard does not warn or advise anyone that their account isn't "truly" secure unless they have a smartphone or give them 6 bucks for a USB stick. They didn't make it at all clear before this that you can't use the RMAH unless you have a smartphone or give them 6 bucks. This suit is about Blizzard pushing the cost of one of their duties down to the consumer and profiting off of it. Please stop accepting this kind of crap and thinking it's totally cool. Nobody should demand personal information and refuse to keep it secure unless unspoken conditions are met.

There has only been one major hack of Battle.net and blizz went public about is as soon as they knew it happened AND they let everyone know what happened, what they are going to do about it and what was taken. If you are talking about account security then YES, it is the customers responsibility, blizz cant control wither or not you have a working anti virus or the comp at the net cafe doesn't have a key logger. So no, this suit is not valid. Blizz offers many ways you can secure your account ranging from locking your account if the IP address used to access your account does not follow your login patterns, SMS message services and the FREE, FREE I SAY FREE smart phone app. And the cost of the physical Authenticator is justified as it is a physical thing that needs to be made, programmed and shipped! They are a business, of cause they want to make some of that money back, i dont see how people can get so caught up about a business doing what they are supposed to...make money.

 

[Epona]

So you have to buy an expensive smartphone to be able to use the FREE authenticator. If you don't have a smartphone you have to buy the authenticator and don't claim the thing is optional, I had my account compromised once too and it's the only account I have ever had compromised.

I would say that the authenticators really are needed and they aren't really free.

It IS optional.
Like it or not, the "hack" is ALWAYS on the users end.
Can you 100% prevent it, no. Is it somehow blizzard's fault, No!

Most "hacks" are viruses or malware that log your login details from YOUR Pc.
These are usually from:
* WoW related sites (most of the time the site is unaware of this)
*giving your details to goldbuy/sell websites.
*phising mails like the one described above.

The last 2 is just user stupidity, the first one is the hardest to protect yourself against, but AGAIN, it's all on the client side.

Blizzard is selling the authenticators (or FREE apps) to provide with a added layer of security.
Like an additional lock on a door.
They sell these for 10 euro with 0 profit, and (if this still applies, it did when I bought one) you get a free in-game pet who are for sale at 10 euro as well.

This is an open and shut case.
Blizzard provides almost free additional locks for your door, if you leave them open, don't sue the locksmith.

It's interesting that no other online account I have ever had needed the extra security of an authenticator.

Of course not, WoW is huge, why pick other (smaller) markets when there is the behemoth called Blizzard.

Big company, lots of vultures.

I think Steam is pretty big too, never had any type of problems with them. Bank of America is pretty damn big too but once again, no problems with them.

Blizzard wants to force every game online as a DRM measure but they lack the ability to protect the accounts without an authenticator.

 

[Ken Sapp]

So you have to buy an expensive smartphone to be able to use the FREE authenticator. If you don't have a smartphone you have to buy the authenticator and don't claim the thing is optional, I had my account compromised once too and it's the only account I have ever had compromised.

I would say that the authenticators really are needed and they aren't really free.

It IS optional.
Like it or not, the "hack" is ALWAYS on the users end.
Can you 100% prevent it, no. Is it somehow blizzard's fault, No!

Most "hacks" are viruses or malware that log your login details from YOUR Pc.
These are usually from:
* WoW related sites (most of the time the site is unaware of this)
*giving your details to goldbuy/sell websites.
*phising mails like the one described above.

The last 2 is just user stupidity, the first one is the hardest to protect yourself against, but AGAIN, it's all on the client side.

Blizzard is selling the authenticators (or FREE apps) to provide with a added layer of security.
Like an additional lock on a door.
They sell these for 10 euro with 0 profit, and (if this still applies, it did when I bought one) you get a free in-game pet who are for sale at 10 euro as well.

This is an open and shut case.
Blizzard provides almost free additional locks for your door, if you leave them open, don't sue the locksmith.

It's interesting that no other online account I have ever had needed the extra security of an authenticator.

Of course not, WoW is huge, why pick other (smaller) markets when there is the behemoth called Blizzard.

Big company, lots of vultures.

You are overlooking the fact that Blizzard is not the only company that is pretty much constantly under attack. With so many companies out there that are under attack at any given moment, why is it that Blizzard gets a free pass on its inadequate security measures? Especially if they are going to require a Battle.net account and an always on connection to play the single player portion of their games? I don't have a problem with them offering the authenticators for sale(the hardware does cost something to manufacture after all), but if they are going to make them a necessity for a secure online experience then they should include them in the game box instead of making them a separate purchase which is mildly suggested. In the meantime they need to do far more to beef up their own internal security.

 

[Ranorak]

So you have to buy an expensive smartphone to be able to use the FREE authenticator. If you don't have a smartphone you have to buy the authenticator and don't claim the thing is optional, I had my account compromised once too and it's the only account I have ever had compromised.

I would say that the authenticators really are needed and they aren't really free.

It IS optional.
Like it or not, the "hack" is ALWAYS on the users end.
Can you 100% prevent it, no. Is it somehow blizzard's fault, No!

Most "hacks" are viruses or malware that log your login details from YOUR Pc.
These are usually from:
* WoW related sites (most of the time the site is unaware of this)
*giving your details to goldbuy/sell websites.
*phising mails like the one described above.

The last 2 is just user stupidity, the first one is the hardest to protect yourself against, but AGAIN, it's all on the client side.

Blizzard is selling the authenticators (or FREE apps) to provide with a added layer of security.
Like an additional lock on a door.
They sell these for 10 euro with 0 profit, and (if this still applies, it did when I bought one) you get a free in-game pet who are for sale at 10 euro as well.

This is an open and shut case.
Blizzard provides almost free additional locks for your door, if you leave them open, don't sue the locksmith.

It's interesting that no other online account I have ever had needed the extra security of an authenticator.

Of course not, WoW is huge, why pick other (smaller) markets when there is the behemoth called Blizzard.

Big company, lots of vultures.

I think Steam is pretty big too, never had any type of problems with them. Bank of America is pretty damn big too but once again, no problems with them.

Blizzard wants to force every game online as a DRM measure but they lack the ability to protect the accounts without an authenticator.

Again, the "hacks" are ALWAYS at the side of the CLIENT!

If I were to ask you in a mail to give me your bank account details, and you did.
Would you say that Bank of America has poor security? Cause 9 out of 10 cases this is what happens with Blizzard "hacks".

Notice how I keep saying "hacks" cause they're not hacks at all.

As for why Steam has less problems, I don't know. I'm sure they have their fair share of compromised accounts as well.

 

[Ranorak]

You are overlooking the fact that Blizzard is not the only company that is pretty much constantly under attack. With so many companies out there that are under attack at any given moment, why is it that Blizzard gets a free pass on its inadequate security measures? Especially if they are going to require a Battle.net account and an always on connection to play the single player portion of their games? I don't have a problem with them offering the authenticators for sale(the hardware does cost something to manufacture after all), but if they are going to make them a necessity for a secure online experience then they should include them in the game box instead of making them a separate purchase which is mildly suggested. In the meantime they need to do far more to beef up their own internal security.

Again, their security is FINE.
The client's isn't.

That's what the authenticator does.
It doesn't improve Blizzard's security at all, it improves the client's, that's where the problem lies.

If you literally give away your login details, what else is there for blizzard to protect?
Cause that's what these "hacks" are.

People give away their log in details, either knowingly (by buy from goldsellers) or unknowingly by getting keylogged.

These people then sell the characters' gear in order to keep the gold selling business flowing.

A steam account is nice to hack, but won't actually give you anything to sell, like in game gold.

 

[Catalyst6]

I can say this, I can understand where they are coming from with this. I've been a victim of un-recoverable amount of damages three times, to the point where I don't see much use in trying to protect things anymore. I understand that WoW is a huge target, but their security system is *god awful* and is partially why I stopped playing.

That being said, I'm thinking the people bringing the suit are going to have a hard time proving that the security holes were *intentional* like the suit seems to imply. That's a pretty damn tall order.

 

[RicoADF]

So you have to buy an expensive smartphone to be able to use the FREE authenticator. If you don't have a smartphone you have to buy the authenticator and don't claim the thing is optional, I had my account compromised once too and it's the only account I have ever had compromised.

I would say that the authenticators really are needed and they aren't really free.

It IS optional.
Like it or not, the "hack" is ALWAYS on the users end.
Can you 100% prevent it, no. Is it somehow blizzard's fault, No!

Most "hacks" are viruses or malware that log your login details from YOUR Pc.
These are usually from:
* WoW related sites (most of the time the site is unaware of this)
*giving your details to goldbuy/sell websites.
*phising mails like the one described above.

The last 2 is just user stupidity, the first one is the hardest to protect yourself against, but AGAIN, it's all on the client side.

Blizzard is selling the authenticators (or FREE apps) to provide with a added layer of security.
Like an additional lock on a door.
They sell these for 10 euro with 0 profit, and (if this still applies, it did when I bought one) you get a free in-game pet who are for sale at 10 euro as well.

This is an open and shut case.
Blizzard provides almost free additional locks for your door, if you leave them open, don't sue the locksmith.

It's interesting that no other online account I have ever had needed the extra security of an authenticator.

Of course not, WoW is huge, why pick other (smaller) markets when there is the behemoth called Blizzard.

Big company, lots of vultures.

I think Steam is pretty big too, never had any type of problems with them. Bank of America is pretty damn big too but once again, no problems with them.

Blizzard wants to force every game online as a DRM measure but they lack the ability to protect the accounts without an authenticator.

Again, the "hacks" are ALWAYS at the side of the CLIENT!

If I were to ask you in a mail to give me your bank account details, and you did.
Would you say that Bank of America has poor security? Cause 9 out of 10 cases this is what happens with Blizzard "hacks".

Notice how I keep saying "hacks" cause they're not hacks at all.

As for why Steam has less problems, I don't know. I'm sure they have their fair share of compromised accounts as well.

The compromise is not always on the users side, that's a common source but not the only one. Also blizzard has been hacked and had info stolen, they informed the public however the fact remains that their not securing their system adequately, esp considering their clearly a target. Another point, to your previous post, if someone's account is compromised by malicious software from the blizzard website then they are responsible for not securing it correctly. They should provide the authenticators for free (preferably in the game box) as its clear there's an issue. My bank gave me one for free, if a bank can be that generious then it says something for blizzards greed.

 

[Shaidz]

You are overlooking the fact that Blizzard is not the only company that is pretty much constantly under attack. With so many companies out there that are under attack at any given moment, why is it that Blizzard gets a free pass on its inadequate security measures? Especially if they are going to require a Battle.net account and an always on connection to play the single player portion of their games? I don't have a problem with them offering the authenticators for sale(the hardware does cost something to manufacture after all), but if they are going to make them a necessity for a secure online experience then they should include them in the game box instead of making them a separate purchase which is mildly suggested. In the meantime they need to do far more to beef up their own internal security.

Again, their security is FINE.
The client's isn't.

That's what the authenticator does.
It doesn't improve Blizzard's security at all, it improves the client's, that's where the problem lies.

If you literally give away your login details, what else is there for blizzard to protect?
Cause that's what these "hacks" are.

People give away their log in details, either knowingly (by buy from goldsellers) or unknowingly by getting keylogged.

These people then sell the characters' gear in order to keep the gold selling business flowing.

A steam account is nice to hack, but won't actually give you anything to sell, like in game gold.

Totally agree, people need to get their facts right, Blizz has awesome security server side, only one major hack in its life time, that's actually a really good track record, its all the people out there who think they dont need Anti virus, giving you account details out is a smart thing to do and dont know the difference between a 'hack' and them being lax on THEIR computer security.

 

[Ranorak]

So you have to buy an expensive smartphone to be able to use the FREE authenticator. If you don't have a smartphone you have to buy the authenticator and don't claim the thing is optional, I had my account compromised once too and it's the only account I have ever had compromised.

I would say that the authenticators really are needed and they aren't really free.

It IS optional.
Like it or not, the "hack" is ALWAYS on the users end.
Can you 100% prevent it, no. Is it somehow blizzard's fault, No!

Most "hacks" are viruses or malware that log your login details from YOUR Pc.
These are usually from:
* WoW related sites (most of the time the site is unaware of this)
*giving your details to goldbuy/sell websites.
*phising mails like the one described above.

The last 2 is just user stupidity, the first one is the hardest to protect yourself against, but AGAIN, it's all on the client side.

Blizzard is selling the authenticators (or FREE apps) to provide with a added layer of security.
Like an additional lock on a door.
They sell these for 10 euro with 0 profit, and (if this still applies, it did when I bought one) you get a free in-game pet who are for sale at 10 euro as well.

This is an open and shut case.
Blizzard provides almost free additional locks for your door, if you leave them open, don't sue the locksmith.

It's interesting that no other online account I have ever had needed the extra security of an authenticator.

Of course not, WoW is huge, why pick other (smaller) markets when there is the behemoth called Blizzard.

Big company, lots of vultures.

I think Steam is pretty big too, never had any type of problems with them. Bank of America is pretty damn big too but once again, no problems with them.

Blizzard wants to force every game online as a DRM measure but they lack the ability to protect the accounts without an authenticator.

Again, the "hacks" are ALWAYS at the side of the CLIENT!

If I were to ask you in a mail to give me your bank account details, and you did.
Would you say that Bank of America has poor security? Cause 9 out of 10 cases this is what happens with Blizzard "hacks".

Notice how I keep saying "hacks" cause they're not hacks at all.

As for why Steam has less problems, I don't know. I'm sure they have their fair share of compromised accounts as well.

The compromise is not always on the users side, that's a common source but not the only one. Also blizzard has been hacked and had info stolen, they informed the public however the fact remains that their not securing their system adequately, esp considering their clearly a target. Another point, to your previous post, if someone's account is compromised by malicious software from the blizzard website then they are responsible for not securing it correctly. They should provide the authenticators for free (preferably in the game box) as its clear there's an issue. My bank gave me one for free, if a bank can be that generious then it says something for blizzards greed.

1) they were hacked, ONCE, no info was stolen and no accounts were compromised.

2)It's not the official blizzard sites that get targeted, it's fan-sites (HUUUUGE popular fan-sites like WoWhead and Wowwiki)

3)You mean like the free one for phones, yeah real greedy.
Or you mean the one that costs 10 euro, with a free in-game pet. Where all costs goes directly to the authenticator's producer and none to blizzard, again, real greedy.

 

[RicoADF]

So you have to buy an expensive smartphone to be able to use the FREE authenticator. If you don't have a smartphone you have to buy the authenticator and don't claim the thing is optional, I had my account compromised once too and it's the only account I have ever had compromised.

I would say that the authenticators really are needed and they aren't really free.

It IS optional.
Like it or not, the "hack" is ALWAYS on the users end.
Can you 100% prevent it, no. Is it somehow blizzard's fault, No!

Most "hacks" are viruses or malware that log your login details from YOUR Pc.
These are usually from:
* WoW related sites (most of the time the site is unaware of this)
*giving your details to goldbuy/sell websites.
*phising mails like the one described above.

The last 2 is just user stupidity, the first one is the hardest to protect yourself against, but AGAIN, it's all on the client side.

Blizzard is selling the authenticators (or FREE apps) to provide with a added layer of security.
Like an additional lock on a door.
They sell these for 10 euro with 0 profit, and (if this still applies, it did when I bought one) you get a free in-game pet who are for sale at 10 euro as well.

This is an open and shut case.
Blizzard provides almost free additional locks for your door, if you leave them open, don't sue the locksmith.

It's interesting that no other online account I have ever had needed the extra security of an authenticator.

Of course not, WoW is huge, why pick other (smaller) markets when there is the behemoth called Blizzard.

Big company, lots of vultures.

I think Steam is pretty big too, never had any type of problems with them. Bank of America is pretty damn big too but once again, no problems with them.

Blizzard wants to force every game online as a DRM measure but they lack the ability to protect the accounts without an authenticator.

Again, the "hacks" are ALWAYS at the side of the CLIENT!

If I were to ask you in a mail to give me your bank account details, and you did.
Would you say that Bank of America has poor security? Cause 9 out of 10 cases this is what happens with Blizzard "hacks".

Notice how I keep saying "hacks" cause they're not hacks at all.

As for why Steam has less problems, I don't know. I'm sure they have their fair share of compromised accounts as well.

The compromise is not always on the users side, that's a common source but not the only one. Also blizzard has been hacked and had info stolen, they informed the public however the fact remains that their not securing their system adequately, esp considering their clearly a target. Another point, to your previous post, if someone's account is compromised by malicious software from the blizzard website then they are responsible for not securing it correctly. They should provide the authenticators for free (preferably in the game box) as its clear there's an issue. My bank gave me one for free, if a bank can be that generious then it says something for blizzards greed.

1) they were hacked, ONCE, no info was stolen and no accounts were compromised.

2)It's not the official blizzard sites that get targeted, it's fan-sites (HUUUUGE popular fan-sites like WoWhead and Wowwiki)

3)You mean like the free one for phones, yeah real greedy.
Or you mean the one that costs 10 euro, with a free in-game pet. Where all costs goes directly to the authenticator's producer and none to blizzard, again, real greedy.

If their going to require online accounts for games like star craft and Diablo then they should be required to provide an authenticator (especially when a lot of us just want to play SP/LAN MP. I don't care about WoW but since there's an issue once again they should provide the authenticator for free to those without smart phones. They make enough, regardless of weather they make money off the authenticator, they do make money off the game and thus they should provide the extra security for those without smart phones.

edit: note it doesn't have to be a physical one like what they have, an email based one like steam but sent on every login would work too.

 

[Ranorak]

So you have to buy an expensive smartphone to be able to use the FREE authenticator. If you don't have a smartphone you have to buy the authenticator and don't claim the thing is optional, I had my account compromised once too and it's the only account I have ever had compromised.

I would say that the authenticators really are needed and they aren't really free.

It IS optional.
Like it or not, the "hack" is ALWAYS on the users end.
Can you 100% prevent it, no. Is it somehow blizzard's fault, No!

Most "hacks" are viruses or malware that log your login details from YOUR Pc.
These are usually from:
* WoW related sites (most of the time the site is unaware of this)
*giving your details to goldbuy/sell websites.
*phising mails like the one described above.

The last 2 is just user stupidity, the first one is the hardest to protect yourself against, but AGAIN, it's all on the client side.

Blizzard is selling the authenticators (or FREE apps) to provide with a added layer of security.
Like an additional lock on a door.
They sell these for 10 euro with 0 profit, and (if this still applies, it did when I bought one) you get a free in-game pet who are for sale at 10 euro as well.

This is an open and shut case.
Blizzard provides almost free additional locks for your door, if you leave them open, don't sue the locksmith.

It's interesting that no other online account I have ever had needed the extra security of an authenticator.

Of course not, WoW is huge, why pick other (smaller) markets when there is the behemoth called Blizzard.

Big company, lots of vultures.

I think Steam is pretty big too, never had any type of problems with them. Bank of America is pretty damn big too but once again, no problems with them.

Blizzard wants to force every game online as a DRM measure but they lack the ability to protect the accounts without an authenticator.

Again, the "hacks" are ALWAYS at the side of the CLIENT!

If I were to ask you in a mail to give me your bank account details, and you did.
Would you say that Bank of America has poor security? Cause 9 out of 10 cases this is what happens with Blizzard "hacks".

Notice how I keep saying "hacks" cause they're not hacks at all.

As for why Steam has less problems, I don't know. I'm sure they have their fair share of compromised accounts as well.

The compromise is not always on the users side, that's a common source but not the only one. Also blizzard has been hacked and had info stolen, they informed the public however the fact remains that their not securing their system adequately, esp considering their clearly a target. Another point, to your previous post, if someone's account is compromised by malicious software from the blizzard website then they are responsible for not securing it correctly. They should provide the authenticators for free (preferably in the game box) as its clear there's an issue. My bank gave me one for free, if a bank can be that generious then it says something for blizzards greed.

1) they were hacked, ONCE, no info was stolen and no accounts were compromised.

2)It's not the official blizzard sites that get targeted, it's fan-sites (HUUUUGE popular fan-sites like WoWhead and Wowwiki)

3)You mean like the free one for phones, yeah real greedy.
Or you mean the one that costs 10 euro, with a free in-game pet. Where all costs goes directly to the authenticator's producer and none to blizzard, again, real greedy.

If their going to require online accounts for games like star craft and Diablo then they should be required to provide an authenticator (especially when a lot of us just want to play SP/LAN MP. I don't care about WoW but since there's an issue once again they should provide the authenticator for free to those without smart phones. They make enough, regardless of weather they make money off the authenticator, they do make money off the game and thus they should provide the extra security for those without smart phones.

Why?

I feel like a broken record for saying this, but it's not blizzard's fault.
In the end, a bank is guarding REAL money, not fake in-game gold.
In your Blizzard account gets hacked, you're annoyed, if your bank account gets "hacked" you're possibly screwed for life.

I don't see why an entertainment company has to hand out free stuff, just because most users give away their security details?

Could they? Yes, probably. They'd make a small loss every time they do.
Should they? No, Blizzard already does enough <a href=http://www.escapistmagazine.com/news/view/120578-World-of-Warcrafts-Cinder-Kitten-Benefits-Hurricane-Sandy-Relief> Charity and is in no way obligated to protect people who can't protect them selves.

 

[Ken Sapp]

You are overlooking the fact that Blizzard is not the only company that is pretty much constantly under attack. With so many companies out there that are under attack at any given moment, why is it that Blizzard gets a free pass on its inadequate security measures? Especially if they are going to require a Battle.net account and an always on connection to play the single player portion of their games? I don't have a problem with them offering the authenticators for sale(the hardware does cost something to manufacture after all), but if they are going to make them a necessity for a secure online experience then they should include them in the game box instead of making them a separate purchase which is mildly suggested. In the meantime they need to do far more to beef up their own internal security.

Again, their security is FINE.
The client's isn't.

That's what the authenticator does.
It doesn't improve Blizzard's security at all, it improves the client's, that's where the problem lies.

If you literally give away your login details, what else is there for blizzard to protect?
Cause that's what these "hacks" are.

People give away their log in details, either knowingly (by buy from goldsellers) or unknowingly by getting keylogged.

These people then sell the characters' gear in order to keep the gold selling business flowing.

A steam account is nice to hack, but won't actually give you anything to sell, like in game gold.

Totally agree, people need to get their facts right, Blizz has awesome security server side, only one major hack in its life time, that's actually a really good track record, its all the people out there who think they dont need Anti virus, giving you account details out is a smart thing to do and dont know the difference between a 'hack' and them being lax on THEIR computer security.

Do either of you work for Blizzard? I'm just wondering since you seem to have such intimate details about how "awesome" their server-side security is, to know for a fact that "all hacks" are client-side. As an IT professional I know that there is no such thing as perfect security and every system gets hacked eventually. Thinking that a system as large and attractive as Blizzard's has a perfect record is naive.

If their first response to any security question of incident is to say get an authenticator and they require an online account to use software which should have no need of it, then they should be included in the package. And if I recall correctly the first hacks of Diablo III accounts was accomplished in-game to people who did not disable public games, hardly a client-side hack when it was the default behavior. Its been a while so I don't remember all the details.

There are plenty of services that manage to provide adequate security on a daily basis. There are libraries of information for secure networks and accounts. Surely Blizzard makes enough money off of its games sales and subscriptions to pay for few developers to secure their systems.

I did not say it before, but I will now. IMO the lawsuit deserves to fail as Blizzard also offers email and SMS authentication IIRC. Regardless, there are a few methods Blizzard could implement tomorrow to improve its account security strength, most notably making passwords case-sensitive.