Blizzard Sued Over Battle.net Authenticators

[DrunkOnEstus]

Snip

I totally understand that if someone decides to be a regular internet user, then they have the responsibility of making sure that they're secure. It's incredibly easy to find 1 or more programs that practically take care of it for you if you don't click every link in your e-mail.

That said, Blizzard does have some responsibility of ensuring that the data they hold of yours is secure as well. Because they do get hacked, independently of what passwords people use or whether they keep viruses/malware off of their computer. Here's some sauce about that:

http://www.gamespot.com/news/blizzard-confirms-battlenet-hacked-6391135
http://www.computerandvideogames.com/362286/blizzard-hacked-battlenet-data-stolen/

Links even state that the authenticators themselves were compromised. I feel personally that user and company are both obliged to secure their respective data. That said, I understand the argument totally that "if you need an authenticator at all, then it's a fail on your part." But the point here is that this isn't the whole picture. Before this became an issue, it isn't made clear before sale that you NEED the authenticator to take place in the RMAH. It would be different if someone got hacked and you pointed and said "well that's your fault, you don't keep viruses out of your computer/didn't buy an authenticator." This is being blocked from a major focus of the game whether you take precautions or not.

Granted, I don't have a smartphone or anything that runs "apps" that don't execute with sh or .exe. And I will admit that I'm still bitter about the whole thing. I'd need to spend an extra 6 bucks to plug in a USB stick in order to forcibly play Diablo online alone or otherwise, if I want to make money off of my non-MMO online game. I don't like the whole idea of Diablo being an RL money making venture, it just strikes me as them deciding to move the black market in-house and profit off of it continuing to happen. That aside, I apologize if that whole mindset causes me to be biased about this.

 

[gmaverick019_v1legacy]

It's interesting that no other online account I have ever had needed the extra security of an authenticator.

gotta agree with this,

and before anyone mentions, no, i don't play WoW or touch anything WoW related, i have and have always had my anti virus software up to date, the only e-mails I ever open are on my school e-mail from my school, and i'm not some old grandpa who can't smell a phishing scam a mile away anyways.

the fact that blizzard requires you to run their game through the battle.net account and has so many user related security problems, i would still call that a problem, as stated by crono I have never had this happen with any other digital account I've ever had, especially steam. And I can say the same for all my friends I know that play SCII/WoW and have steam accounts also.

and as i mentioned in my previous post, i never once played in any public rooms with anyone at all, and i had the game for a week and a half before it was stolen, i really don't think it's coincidence or more probable that it's always the users fault as many of you are saying.

I don't know if you know this but people don't hack WoW accounts cause they want to play WoW. They hack them so they can sale everything on the account for in game gold then steal all the gold on the account so that they can then sell that gold to players who buy it. Comparing it to Steam is a poor arguement cause there is nothing on Steam that you can make a relatively quick get away with.

WoW is a target cause it is the biggest MMO on the market therefore it has the largest potential gold selling market therefore if is by far more lucrative to hack a WoW then it is to hack an account from pretty much every other MMO in existence.

People are not hacking battle.net accounts for credit card numbers. I can't get more then the last 4 digits of my CC number of my account and neither could anyone that managed to hack it.

oh i understand what you mean, and i don't put my CC on their anyways, but that wasn't the exact point I was going for, it was the mere fact of being hacked on a "just because" basis, not based on some fiscal value. And now that you mentioned that, Blizzard has failed on some level if people can get away with that on such a risk free basis, while on steam you're going to have to jump through hoops and hoops to really get away with anything at all. (note: just using steam as an example, not the prime end all be all structure of how it should be)

then again, this is still just slight bitterness of having to be online for diablo III...*sigh* (no I didn't buy the game, it was given as a gift, so if someone is reading don't quote me saying I shouldn't have bought it.)

It is risk free behavior because it is not against the law in most places (if any) to steal virtual gold. Blizzard makes people jump through plenty of hoops I have had to call them to get my account unlocked before because I logged on to WoW while across the country on business they noticed the unusual activity and locked my account until I could prove I was me.

okay yeah, it isn't illegal, but that doesn't discern the fact that the person is a douche, if you spent alot of work doing an awesome (and i mean fuckin awesome) side walk chalk drawing for days and someone came by and ruined it via whatever reason, wouldn't you be pretty pissed? they didn't do anything illegal, but they were definitely a douchebag.

fair enough, I just don't see why they don't do that universally for the battle.net accounts, (hate to use steam again, but it works folks) they should make you go through the e-mail via a code you get anytime you log on to a new computer, so your account/game stays safe from hackers that way, and if they can hack both your e-mail and your game account, then yeah, you're either doing something very wrong or they are physically at/by your computer getting the info.

Will you please explain to me what of value you can get from a Steam account that you can then turn around and sale. Cause I still don't understand why you think steam is similar to Blizzards situation. Simple put how would you monetized hacked Steam accounts in away that it would compare to the profit of hacking WoW accounts. Every WoW has gold not every steam account has stuff setting in its inventory waiting to be stolen. Steam isn't doing anything special.

once again, i wasn't pointing out the fiscal value, i have no idea why you're latching onto again now, but if you really want SOME reason for a steam account, it is as simple as using it for tf2 and key farming, as steam keeps your credit card details on hand for fast/easy buying (just went and double checked to make sure)

also, once again, i don't use wow, nor have ever touched it, yet my account was hacked faster than i even had a chance to beat D3, which is why i was talking about my explicit case. Steam isn't doing anything special?

I explicitly explained that steams method was much better than what battle.net does, otherwise my account would've been fine. It has nothing to do with what they COULD take, it is HOW they could take it.

Aren't you cute you busted of a meme.

Fiscal value has everything to do with the frequency as to why Blizzard accounts get hacked over Steam accounts. Just so you know D3 has gold in it that can be stolen and turned into cash in the same manner as the gold in WoW. You don't seem to understand the fundamental reason why D3 and WoW accounts are hacked. It is not about a dick hole hacking into your account to destroy your chalk art for the sake of being an asshole. It is a business (albeit one where you have to be an asshole) and if there is no way to turn a profit there is no reason to hack an account.

Nothing is hack proof. If there were a way to turn hacked Steam accounts into a profitable business I guarantee that some one would find away to break Steam security and go to town.

Also wasn't Steam hacked a few month back, I remember having to change my password.

Google says! YES!

http://www.joystiq.com/2012/02/10/gabe-newell-updates-users-on-the-steam-hack/

So would you care to explain to me again how Steam does stuff better then anyone else.

okay how many times do i need to say this to you? I was not arguing the fiscal value, any child with a single brain cell can understand that hacking a battle net account is much more worth anything, i was never arguing against that.

Spoiler: just in case you aren't catching my drift I have mentioned already again and again

once again, i wasn't pointing out the fiscal value, i have no idea why you're latching onto again

once again, i wasn't pointing out the fiscal value, i have no idea why you're latching onto again

once again, i wasn't pointing out the fiscal value, i have no idea why you're latching onto again

once again, i wasn't pointing out the fiscal value, i have no idea why you're latching onto again

once again, i wasn't pointing out the fiscal value, i have no idea why you're latching onto again

once again, i wasn't pointing out the fiscal value, i have no idea why you're latching onto again

once again, i wasn't pointing out the fiscal value, i have no idea why you're latching onto again

once again, i wasn't pointing out the fiscal value, i have no idea why you're latching onto again

once again, i wasn't pointing out the fiscal value, i have no idea why you're latching onto again

once again, i wasn't pointing out the fiscal value, i have no idea why you're latching onto again

once again, i wasn't pointing out the fiscal value, i have no idea why you're latching onto again

once again, i wasn't pointing out the fiscal value, i have no idea why you're latching onto again

once again, i wasn't pointing out the fiscal value, i have no idea why you're latching onto again

once again, i wasn't pointing out the fiscal value, i have no idea why you're latching onto again

once again, i wasn't pointing out the fiscal value, i have no idea why you're latching onto again

and I never once said steam was hackproof, nor was I trying to prove that it was hackproof, I was merely stating it's security was better for me, as a user, by making every user verify through their e-mail everytime they use a new computer, so when my battle.net account was hacked, that simple piece of security would've stopped them dead in their tracks until they also hacked my e-mail account.

you started the quote/attack war, so would you please stay on topic to what I was discussing, and stop bringing up shit that I wasn't arguing in the first place.

 

[RoBi3.0]

It's interesting that no other online account I have ever had needed the extra security of an authenticator.

gotta agree with this,

and before anyone mentions, no, i don't play WoW or touch anything WoW related, i have and have always had my anti virus software up to date, the only e-mails I ever open are on my school e-mail from my school, and i'm not some old grandpa who can't smell a phishing scam a mile away anyways.

the fact that blizzard requires you to run their game through the battle.net account and has so many user related security problems, i would still call that a problem, as stated by crono I have never had this happen with any other digital account I've ever had, especially steam. And I can say the same for all my friends I know that play SCII/WoW and have steam accounts also.

and as i mentioned in my previous post, i never once played in any public rooms with anyone at all, and i had the game for a week and a half before it was stolen, i really don't think it's coincidence or more probable that it's always the users fault as many of you are saying.

I don't know if you know this but people don't hack WoW accounts cause they want to play WoW. They hack them so they can sale everything on the account for in game gold then steal all the gold on the account so that they can then sell that gold to players who buy it. Comparing it to Steam is a poor arguement cause there is nothing on Steam that you can make a relatively quick get away with.

WoW is a target cause it is the biggest MMO on the market therefore it has the largest potential gold selling market therefore if is by far more lucrative to hack a WoW then it is to hack an account from pretty much every other MMO in existence.

People are not hacking battle.net accounts for credit card numbers. I can't get more then the last 4 digits of my CC number of my account and neither could anyone that managed to hack it.

oh i understand what you mean, and i don't put my CC on their anyways, but that wasn't the exact point I was going for, it was the mere fact of being hacked on a "just because" basis, not based on some fiscal value. And now that you mentioned that, Blizzard has failed on some level if people can get away with that on such a risk free basis, while on steam you're going to have to jump through hoops and hoops to really get away with anything at all. (note: just using steam as an example, not the prime end all be all structure of how it should be)

then again, this is still just slight bitterness of having to be online for diablo III...*sigh* (no I didn't buy the game, it was given as a gift, so if someone is reading don't quote me saying I shouldn't have bought it.)

It is risk free behavior because it is not against the law in most places (if any) to steal virtual gold. Blizzard makes people jump through plenty of hoops I have had to call them to get my account unlocked before because I logged on to WoW while across the country on business they noticed the unusual activity and locked my account until I could prove I was me.

okay yeah, it isn't illegal, but that doesn't discern the fact that the person is a douche, if you spent alot of work doing an awesome (and i mean fuckin awesome) side walk chalk drawing for days and someone came by and ruined it via whatever reason, wouldn't you be pretty pissed? they didn't do anything illegal, but they were definitely a douchebag.

fair enough, I just don't see why they don't do that universally for the battle.net accounts, (hate to use steam again, but it works folks) they should make you go through the e-mail via a code you get anytime you log on to a new computer, so your account/game stays safe from hackers that way, and if they can hack both your e-mail and your game account, then yeah, you're either doing something very wrong or they are physically at/by your computer getting the info.

Will you please explain to me what of value you can get from a Steam account that you can then turn around and sale. Cause I still don't understand why you think steam is similar to Blizzards situation. Simple put how would you monetized hacked Steam accounts in away that it would compare to the profit of hacking WoW accounts. Every WoW has gold not every steam account has stuff setting in its inventory waiting to be stolen. Steam isn't doing anything special.

once again, i wasn't pointing out the fiscal value, i have no idea why you're latching onto again now, but if you really want SOME reason for a steam account, it is as simple as using it for tf2 and key farming, as steam keeps your credit card details on hand for fast/easy buying (just went and double checked to make sure)

also, once again, i don't use wow, nor have ever touched it, yet my account was hacked faster than i even had a chance to beat D3, which is why i was talking about my explicit case. Steam isn't doing anything special?

I explicitly explained that steams method was much better than what battle.net does, otherwise my account would've been fine. It has nothing to do with what they COULD take, it is HOW they could take it.

Aren't you cute you busted of a meme.

Fiscal value has everything to do with the frequency as to why Blizzard accounts get hacked over Steam accounts. Just so you know D3 has gold in it that can be stolen and turned into cash in the same manner as the gold in WoW. You don't seem to understand the fundamental reason why D3 and WoW accounts are hacked. It is not about a dick hole hacking into your account to destroy your chalk art for the sake of being an asshole. It is a business (albeit one where you have to be an asshole) and if there is no way to turn a profit there is no reason to hack an account.

Nothing is hack proof. If there were a way to turn hacked Steam accounts into a profitable business I guarantee that some one would find away to break Steam security and go to town.

Also wasn't Steam hacked a few month back, I remember having to change my password.

Google says! YES!

http://www.joystiq.com/2012/02/10/gabe-newell-updates-users-on-the-steam-hack/

So would you care to explain to me again how Steam does stuff better then anyone else.

okay how many times do i need to say this to you? I was not arguing the fiscal value, any child with a single brain cell can understand that hacking a battle net account is much more worth anything, i was never arguing against that.

Spoiler: just in case you aren't catching my drift I have mentioned already again and again

once again, i wasn't pointing out the fiscal value, i have no idea why you're latching onto again

once again, i wasn't pointing out the fiscal value, i have no idea why you're latching onto again

once again, i wasn't pointing out the fiscal value, i have no idea why you're latching onto again

once again, i wasn't pointing out the fiscal value, i have no idea why you're latching onto again

once again, i wasn't pointing out the fiscal value, i have no idea why you're latching onto again

once again, i wasn't pointing out the fiscal value, i have no idea why you're latching onto again

once again, i wasn't pointing out the fiscal value, i have no idea why you're latching onto again

once again, i wasn't pointing out the fiscal value, i have no idea why you're latching onto again

once again, i wasn't pointing out the fiscal value, i have no idea why you're latching onto again

once again, i wasn't pointing out the fiscal value, i have no idea why you're latching onto again

once again, i wasn't pointing out the fiscal value, i have no idea why you're latching onto again

once again, i wasn't pointing out the fiscal value, i have no idea why you're latching onto again

once again, i wasn't pointing out the fiscal value, i have no idea why you're latching onto again

once again, i wasn't pointing out the fiscal value, i have no idea why you're latching onto again

once again, i wasn't pointing out the fiscal value, i have no idea why you're latching onto again

and I never once said steam was hackproof, nor was I trying to prove that it was hackproof, I was merely stating it's security was better for me, as a user, by making every user verify through their e-mail everytime they use a new computer, so when my battle.net account was hacked, that simple piece of security would've stopped them dead in their tracks until they also hacked my e-mail account.

you started the quote/attack war, so would you please stay on topic to what I was discussing, and stop bringing up shit that I wasn't arguing in the first place.

Whats a matter? U mad Bro?

Just because you have experienced more security issues on battle.net then on Steam does not equal Steam has better over all security that is antidote evidence at best.

 

[Baneat]

Blizzard does its users a solid by offering authenticators at a price that prevents them from profiting from promoting user security. They get sued.

Fuck these guys

 

[Andrew_C]

Blizzard does its users a solid by offering authenticators at a price that prevents them from profiting from promoting user security. They get sued.

Fuck these guys

Those authenticators are exactly the same as the ones the banks give to you for free, just in a fancy case. There is no reason they couldn't include one in boxed copies of their games.

 

[gmaverick019_v1legacy]

Whats a matter? U mad Bro?

Just because you have experienced more security issues on battle.net then on Steam does not equal Steam has better over all security that is antidote evidence at best.

Since you clearly aren't discussing my points and choose to give immature child responses, I'll just stop after this response.

Please tell me how steams e-mail authenticator for new computer usage would not be good to implement something similar for battle.net accounts.

Once again, in some of my original posts, not once did I hold up steam as a beacon of ultimate security, but that one single security measure would have prevented many accounts from being hacked, which has been my point throughout all these posts, unless you're going to tell me that it would be harder to implement then authenticators.

 

[WhiteTigerShiro]

I think Steam is pretty big too, never had any type of problems with them. Bank of America is pretty damn big too but once again, no problems with them.

Blizzard wants to force every game online as a DRM measure but they lack the ability to protect the accounts without an authenticator.

You're comparing apples and oranges. Steam doesn't have as many problems with people's accounts getting hacked (if any) because there's nothing you can do with someone's account. I guess you can fish through their gifts to see if there's anything in there, but even then there's no money to be made. Few people buy games from other people via Steam, usually they just trade with other people who have games they can gift. And a bank doesn't deal in virtual product at all. A hacker could do some damage, I suppose, but it'd be temporary at best. On that, the bank has a LOT of laws to protect its own ass, where games don't.

Yeah, just keep making excuses for the fact that Blizzard has more security issues than most.

Actually, no, they don't. You know how Steam's forums were hacked? The PSN hack? Even Nintendo and I think Microsoft have had their services hacked. Heck, I even got an email one day from the Bioware forums telling me that I should change my passwords. Damn near everyone has had their own services attacked in this manner; except for Blizzard. Pretty much every time someone's account is hacked in WoW or D3 it's because the client (aka: the player) allowed a keylogger onto their system, or went to a third party site where they provided their password, or did some other stupid thing that allowed the farmers to get onto their account.

So explain to me how it's Blizzard's fault when you give your username and password to someone else? To say that "Blizzard has more security issues" is like Mac users bragging about how the iOS is "hack-proof" and impossible to design viruses for.

 

[RoBi3.0]

Whats a matter? U mad Bro?

Just because you have experienced more security issues on battle.net then on Steam does not equal Steam has better over all security that is antidote evidence at best.

Since you clearly aren't discussing my points and choose to give immature child responses, I'll just stop after this response.

Please tell me how steams e-mail authenticator for new computer usage would not be good to implement something similar for battle.net accounts.

Once again, in some of my original posts, not once did I hold up steam as a beacon of ultimate security, but that one single security measure would have prevented many accounts from being hacked, which has been my point throughout all these posts, unless you're going to tell me that it would be harder to implement then authenticators.

First off you are the one that thought it was cute to post memes I returned the favor.

Second, I know I am fixing to point out the painfully obvious, but do you know what else would have stopped your D3 hacker dead in their tracks?..... An authenticator you know that thing blizzard offer to people for free if they have a smartphone or tablet and at cost for those who don't. Hell up until a few months ago they offered phone in authenicator service that could be used on that any phone smart or not. They discontinued the service cause hardly anyone used it. I would also like to point out that an authenticator is by far more effective then e-mail verification cause as you pointed out if your e-mail compromised that feature might as well not be there. Since keyloggers are employed frequently in blizzard hacks I think it is safe to say maybe your e-mail would be compromised as well. Authenticators are not so easily compromised, and therefore more effective.

 

[gmaverick019_v1legacy]

Whats a matter? U mad Bro?

Just because you have experienced more security issues on battle.net then on Steam does not equal Steam has better over all security that is antidote evidence at best.

Since you clearly aren't discussing my points and choose to give immature child responses, I'll just stop after this response.

Please tell me how steams e-mail authenticator for new computer usage would not be good to implement something similar for battle.net accounts.

Once again, in some of my original posts, not once did I hold up steam as a beacon of ultimate security, but that one single security measure would have prevented many accounts from being hacked, which has been my point throughout all these posts, unless you're going to tell me that it would be harder to implement then authenticators.

First off you are the one that thought it was cute to post memes I returned the favor.

Second, I know I am fixing to point out the painfully obvious, but do you know what else would have stopped your D3 hacker dead in their tracks?..... An authenticator you know that thing blizzard offer to people for free if they have a smartphone or tablet and at cost for those who don't. Hell up until a few months ago they offered phone in authenicator service that could be used on that any phone smart or not. They discontinued the service cause hardly anyone used it. I would also like to point out that an authenticator is by far more effective then e-mail verification cause as you pointed out if your e-mail compromised that feature might as well not be there. Since keyloggers are employed frequently in blizzard hacks I think it is safe to say maybe your e-mail would be compromised as well. Authenticators are not so easily compromised, and therefore more effective.

because you were being an unnecessary smart ass, Instead of discussing what I was talking about.

Do I have to point out the painfully obvious, is that not everyone has a smartphone or tablet? (Such as myself) Buying something extra for a game that I have zero interaction with anyone else should not be required, ever, and is just plain lazy that I would have to purchase something extra for it.

I'm not arguing that an authenticator is not more effective, I never once said that, so please stop pointing it out when I have not ONCE ARGUED IT. but is it free for me? no it is not, which is why I pointed to steam's e-mail authenticator as a better solution for the basic security. Blizzard might/probably does have better server side security, but steam has yet to fail me on the user side of it, as others had mentioned as well.

 

[Something Amyss]

If you have a mobile phone it is free, to my knowledge you only have to pay if you want the authenticator stick (basically a small USB stick with the authenticator on it) and I think even then you pay for the hardware more than the program on it.

I'm just curious: do they advertise this? The reason I ask is the assertion from the suit is more or less that they don't really tell people about it until after the fact.

Which would also beg the question as to why they don't just package the technology, but I don't know enough about this situation.

 

[Subscriptism]

It's official, blizzard are rating at a 0.7 EA units of corporate evilness.

 

[RoBi3.0]

Whats a matter? U mad Bro?

Just because you have experienced more security issues on battle.net then on Steam does not equal Steam has better over all security that is antidote evidence at best.

Since you clearly aren't discussing my points and choose to give immature child responses, I'll just stop after this response.

Please tell me how steams e-mail authenticator for new computer usage would not be good to implement something similar for battle.net accounts.

Once again, in some of my original posts, not once did I hold up steam as a beacon of ultimate security, but that one single security measure would have prevented many accounts from being hacked, which has been my point throughout all these posts, unless you're going to tell me that it would be harder to implement then authenticators.

First off you are the one that thought it was cute to post memes I returned the favor.

Second, I know I am fixing to point out the painfully obvious, but do you know what else would have stopped your D3 hacker dead in their tracks?..... An authenticator you know that thing blizzard offer to people for free if they have a smartphone or tablet and at cost for those who don't. Hell up until a few months ago they offered phone in authenicator service that could be used on that any phone smart or not. They discontinued the service cause hardly anyone used it. I would also like to point out that an authenticator is by far more effective then e-mail verification cause as you pointed out if your e-mail compromised that feature might as well not be there. Since keyloggers are employed frequently in blizzard hacks I think it is safe to say maybe your e-mail would be compromised as well. Authenticators are not so easily compromised, and therefore more effective.

because you were being an unnecessary smart ass, Instead of discussing what I was talking about.

Do I have to point out the painfully obvious, is that not everyone has a smartphone or tablet? (Such as myself) Buying something extra for a game that I have zero interaction with anyone else should not be required, ever, and is just plain lazy that I would have to purchase something extra for it.

I'm not arguing that an authenticator is not more effective, I never once said that, so please stop pointing it out when I have not ONCE ARGUED IT. but is it free for me? no it is not, which is why I pointed to steam's e-mail authenticator as a better solution for the basic security. Blizzard might/probably does have better server side security, but steam has yet to fail me on the user side of it, as others had mentioned as well.

I wasn't going to point this out as you said you were done responding to me but since you did respond. I will further explain while e-mail verification is a stupid idea for battle.net accounts. Blizzard log in credentials use your e-mail address you know the one linked to your account the one that a e-mail verification would be sent to. If a hacker had your log in credentials he would have half of you e-mail credentials which essentially means all e-mail verification would be is a second password to get into your account. A password that could be gotten in roughly the same manner that a large majority of user information is gotten in Blizzard hacks. If a second password was actually an effective means of online security all online accounts would have 2 passwords.

Furthermore, you say Steam has never failed you client side, but refuse to listen to logically explanation has to why most hackers are not focusing hacking efforts on Steam accounts, because there is no profits in it.

I could park a beater Pinto station wagon next a custom Lamborghini and lock the doors of both cars. If one of the two cars is stolen there is a higher probability that the Lamborghini would be the one stolen and it wouldn't be because the the door locks on the Pinto were hard to get through. but you don't want to hear that cause it "isn't on topic". Steam is less likely to get hacked because it is a target less often. Plain and simple.

 

[Zenn3k]

It's optional. If you can't keep your own account safe, then you deserve it.

Many many Diablo 3 accounts were hacked without any virus, spyware, keyloggers, or other such programs installed in the host computer, Diablo 3 was vulnerable to brute force password hacking up until a "stealth patch" around 1.01b or so, addressed the issue and stopped it outright.

So, its not always the users fault.

 

[Zenn3k]

It's optional. If you can't keep your own account safe, then you deserve it.

oh right, because on diablo III, the fact that I never played with anyone and never have been hacked/phished before, means that i'll be 100% safe?

yeah right, try again, my account was stolen within a week and a half of having the game, and it was the biggest pain in the ass trying to get it back with blizzards stupid support, because you have to call in and their lines are either always flooded or they don't have anyone to help you at the moment.

Same here, first week, account hacked, everything taken...I got a rollback, but still, first week, actually...it was 4 days after purchase.

This was after going YEARS on WoW without security compromise, and I'm very careful about what I download and install.

 

[mrdude2010]

There is a free iOS and Android authenticator app made by Blizzard which you link it to your account so I don't see why they are suing over requiring to pay more to secure their data. It does the exact same thing the physical ones do.

http://itunes.apple.com/au/app/battle.net-mobile-authenticator/id306862897?mt=8
https://play.google.com/store/apps/details?id=com.blizzard.bma&hl=en

The only ones who should be crying are the ones without an Android or iOS device.

There are plenty of people who don't have smartphones, requiring them to pay more for extra security is stupid. I do a good job of keeping my information safe so I'm not exactly worried about not having one, but that doesn't mean something bad won't happen and someone won't get your info anyway, no matter what precautions you take.

 

[Vulpis]

Will you please explain to me what of value you can get from a Steam account that you can then turn around and sale. Cause I still don't understand why you think steam is similar to Blizzards situation. Simple put how would you monetized hacked Steam accounts in away that it would compare to the profit of hacking WoW accounts. Every WoW has gold not every steam account has stuff setting in its inventory waiting to be stolen. Steam isn't doing anything special.

Hats. Vintage items. Anything else tradable in TF2, just off the top of my head.

Though wasn't there an article a while back that pointed out that the authenticator setup had already been cracked?

And as for the whole 'It's *always* the client's fault!'--all the client-side security in the world doesn't do a bit of good if the brats copy off the user and password files. Ask Sony about that one...and crackers are like cockroaches--if you spot one, there's probably at least a dozen more crawling around unseen.

 

[RoBi3.0]

Will you please explain to me what of value you can get from a Steam account that you can then turn around and sale. Cause I still don't understand why you think steam is similar to Blizzards situation. Simple put how would you monetized hacked Steam accounts in away that it would compare to the profit of hacking WoW accounts. Every WoW has gold not every steam account has stuff setting in its inventory waiting to be stolen. Steam isn't doing anything special.

Hats. Vintage items. Anything else tradable in TF2, just off the top of my head.

Though wasn't there an article a while back that pointed out that the authenticator setup had already been cracked?

And as for the whole 'It's *always* the client's fault!'--all the client-side security in the world doesn't do a bit of good if the brats copy off the user and password files. Ask Sony about that one...and crackers are like cockroaches--if you spot one, there's probably at least a dozen more crawling around unseen.

Yes, of course hats why didn't I think of that cause TF2 hats are on every Steam account and a hacker can get a guaranteed pay out even if it is a small one. I did think we were arguing non-client side security. [If we are I think you already stated that you figure blizzard has better security on their end].

Yes databases can be hacked and I don't think there is a game company of note that hasn't been hacked it happens. I don't believe I ever said hacks happen exclusively on the client side as that is obviously not the case. Most of my agreement thus far have been about client side hacks because that is what we have been talking about.

Also I have not heard anything about authenticators being cracked and I follow Blizzard news tightly, so if it had happened I would know about it. Maybe you are referring to a database hack that happened back in August where hackers accessed encrypted mobile authenticator serial numbers. These number are used to sync mobile authenticators to accounts. At best if the encryption was cracked hackers could have cloned authenticators, but this is easily countered by getting a new mobile authenticator number, which blizzard made everyone do. This incident is no where near cracking the authenticator system. So unless you can link a credible article about the authenticator system being cracked I am going to have to call BS on that point.

Edit: just realized you are not the person that has been arguing with me for the last day and half. Was responding from my phone which made your user name hard to read. Some of what I said does apply to you I will put it in brackets. I apologize for the confusion.

 

[gmaverick019_v1legacy]

Whats a matter? U mad Bro?

Just because you have experienced more security issues on battle.net then on Steam does not equal Steam has better over all security that is antidote evidence at best.

Since you clearly aren't discussing my points and choose to give immature child responses, I'll just stop after this response.

Please tell me how steams e-mail authenticator for new computer usage would not be good to implement something similar for battle.net accounts.

Once again, in some of my original posts, not once did I hold up steam as a beacon of ultimate security, but that one single security measure would have prevented many accounts from being hacked, which has been my point throughout all these posts, unless you're going to tell me that it would be harder to implement then authenticators.

First off you are the one that thought it was cute to post memes I returned the favor.

Second, I know I am fixing to point out the painfully obvious, but do you know what else would have stopped your D3 hacker dead in their tracks?..... An authenticator you know that thing blizzard offer to people for free if they have a smartphone or tablet and at cost for those who don't. Hell up until a few months ago they offered phone in authenicator service that could be used on that any phone smart or not. They discontinued the service cause hardly anyone used it. I would also like to point out that an authenticator is by far more effective then e-mail verification cause as you pointed out if your e-mail compromised that feature might as well not be there. Since keyloggers are employed frequently in blizzard hacks I think it is safe to say maybe your e-mail would be compromised as well. Authenticators are not so easily compromised, and therefore more effective.

because you were being an unnecessary smart ass, Instead of discussing what I was talking about.

Do I have to point out the painfully obvious, is that not everyone has a smartphone or tablet? (Such as myself) Buying something extra for a game that I have zero interaction with anyone else should not be required, ever, and is just plain lazy that I would have to purchase something extra for it.

I'm not arguing that an authenticator is not more effective, I never once said that, so please stop pointing it out when I have not ONCE ARGUED IT. but is it free for me? no it is not, which is why I pointed to steam's e-mail authenticator as a better solution for the basic security. Blizzard might/probably does have better server side security, but steam has yet to fail me on the user side of it, as others had mentioned as well.

I wasn't going to point this out as you said you were done responding to me but since you did respond. I will further explain while e-mail verification is a stupid idea for battle.net accounts. Blizzard log in credentials use your e-mail address you know the one linked to your account the one that a e-mail verification would be sent to. If a hacker had your log in credentials he would have half of you e-mail credentials which essentially means all e-mail verification would be is a second password to get into your account. A password that could be gotten in roughly the same manner that a large majority of user information is gotten in Blizzard hacks. If a second password was actually an effective means of online security all online accounts would have 2 passwords.

Furthermore, you say Steam has never failed you client side, but refuse to listen to logically explanation has to why most hackers are not focusing hacking efforts on Steam accounts, because there is no profits in it.

I could park a beater Pinto station wagon next a custom Lamborghini and lock the doors of both cars. If one of the two cars is stolen there is a higher probability that the Lamborghini would be the one stolen and it wouldn't be because the the door locks on the Pinto were hard to get through. but you don't want to hear that cause it "isn't on topic". Steam is less likely to get hacked because it is a target less often. Plain and simple.

i know how it works, i'm just saying it adds another layer of security that would've required more effort on the hackers part, as he would then have to figure out a way to get my e-mail password also. Please tell me how that would impede the user that much more to have to verify their computer each time they used it at a different location.

Logical explanation? I have not once argued that hackers are not going for blizzard accounts over steam/*insert account here*, Stop ignoring the fact that I have said MULTIPLE times that blizzard has more to offer via their accounts. I've said it in multiple posts, I wasn't referring to the quantity of what they could steal, or how much they could steal, it was HOW they could steal it.

If you can't comprehend basic english as to what I've been saying the past 8 or so posts, then don't bother responding, I've not once argued that Blizzard has more attacks/hackers going for it, yet you have this silly notion in your head that I cannot comprehend what your saying, when in fact I was never arguing that at all.

 

[RoBi3.0]

Whats a matter? U mad Bro?

Just because you have experienced more security issues on battle.net then on Steam does not equal Steam has better over all security that is antidote evidence at best.

Since you clearly aren't discussing my points and choose to give immature child responses, I'll just stop after this response.

Please tell me how steams e-mail authenticator for new computer usage would not be good to implement something similar for battle.net accounts.

Once again, in some of my original posts, not once did I hold up steam as a beacon of ultimate security, but that one single security measure would have prevented many accounts from being hacked, which has been my point throughout all these posts, unless you're going to tell me that it would be harder to implement then authenticators.

First off you are the one that thought it was cute to post memes I returned the favor.

Second, I know I am fixing to point out the painfully obvious, but do you know what else would have stopped your D3 hacker dead in their tracks?..... An authenticator you know that thing blizzard offer to people for free if they have a smartphone or tablet and at cost for those who don't. Hell up until a few months ago they offered phone in authenicator service that could be used on that any phone smart or not. They discontinued the service cause hardly anyone used it. I would also like to point out that an authenticator is by far more effective then e-mail verification cause as you pointed out if your e-mail compromised that feature might as well not be there. Since keyloggers are employed frequently in blizzard hacks I think it is safe to say maybe your e-mail would be compromised as well. Authenticators are not so easily compromised, and therefore more effective.

because you were being an unnecessary smart ass, Instead of discussing what I was talking about.

Do I have to point out the painfully obvious, is that not everyone has a smartphone or tablet? (Such as myself) Buying something extra for a game that I have zero interaction with anyone else should not be required, ever, and is just plain lazy that I would have to purchase something extra for it.

I'm not arguing that an authenticator is not more effective, I never once said that, so please stop pointing it out when I have not ONCE ARGUED IT. but is it free for me? no it is not, which is why I pointed to steam's e-mail authenticator as a better solution for the basic security. Blizzard might/probably does have better server side security, but steam has yet to fail me on the user side of it, as others had mentioned as well.

I wasn't going to point this out as you said you were done responding to me but since you did respond. I will further explain while e-mail verification is a stupid idea for battle.net accounts. Blizzard log in credentials use your e-mail address you know the one linked to your account the one that a e-mail verification would be sent to. If a hacker had your log in credentials he would have half of you e-mail credentials which essentially means all e-mail verification would be is a second password to get into your account. A password that could be gotten in roughly the same manner that a large majority of user information is gotten in Blizzard hacks. If a second password was actually an effective means of online security all online accounts would have 2 passwords.

Furthermore, you say Steam has never failed you client side, but refuse to listen to logically explanation has to why most hackers are not focusing hacking efforts on Steam accounts, because there is no profits in it.

I could park a beater Pinto station wagon next a custom Lamborghini and lock the doors of both cars. If one of the two cars is stolen there is a higher probability that the Lamborghini would be the one stolen and it wouldn't be because the the door locks on the Pinto were hard to get through. but you don't want to hear that cause it "isn't on topic". Steam is less likely to get hacked because it is a target less often. Plain and simple.

i know how it works, i'm just saying it adds another layer of security that would've required more effort on the hackers part, as he would then have to figure out a way to get my e-mail password also. Please tell me how that would impede the user that much more to have to verify their computer each time they used it at a different location.

Logical explanation? I have not once argued that hackers are not going for blizzard accounts over steam/*insert account here*, Stop ignoring the fact that I have said MULTIPLE times that blizzard has more to offer via their accounts. I've said it in multiple posts, I wasn't referring to the quantity of what they could steal, or how much they could steal, it was HOW they could steal it.

If you can't comprehend basic english as to what I've been saying the past 8 or so posts, then don't bother responding, I've not once argued that Blizzard has more attacks/hackers going for it, yet you have this silly notion in your head that I cannot comprehend what your saying, when in fact I was never arguing that at all.

Yes I don't agree with you insult my reading comprehension, cause that is classy.

I am not saying that e-mail verification would impeded users, not once have I said that. In fact authenticators are way more disruptive then e-mail verification would be. What I am saying is that e-mail verification would be less effective at protecting Battle.net accounts then it is at protecting Steam accounts, and it is far less effective then authenticators. I don't feel that Blizzard should go out of its way to implement yet other safety feature that is less effective then what is currently available, because a relatively small (I am guessing less then 1%)part of its player base doesn't have access to free authenticator options and is also unwilling to spend 6.50 or so on a physical authenticator. Especially since having your account hacked will not ruin your life or credit at best you lose time making a phone call since more often then not Blizzard restores what ever was lost. Worst case scenario you lose time and some virtual crap.

I don't agree with you. You can keep trying to insult me if you wish, but that doesn't make your point anymore meaningful.