No Authenticator, No Diablo III Cash Auction House

[ElPatron]

Yeah, no. Not even my dual-core @ 3.0Ghz can handle 1000 guesses per second.

..no offense, but that's not a powerful processor.
At all.[/quote]

None taken. I am proud of my build because it was dirt cheap (cost me half of what it was worth) and despite being 3 years old I am not planning any upgrades soon.

Test if by yourself with a quad core, but if it takes 275 years instead of 550 it's not much use. If it takes more than a week it's borderline useless.

Can your processor do 29 million guesses per second? That is my point, I wasn't bragging about a CPU several years old.

 

[CardinalPiggles]

Good idea, if people put their items in the AH and a hacker sees it, he could either pay for it, or hack the account, hmm.

people are still playing this game?

No, the servers are completely empty, so they're shutting them down in about a month or two.

 

[Woodsey]

'It'll be very interesting to see how it develops.'

Into a metric fuck-tonne of dolla for Blizzard, especially since they can presumably control the price points of items themselves by altering drop rates.

 

[WindKnight]

So... they, make you be online to play the singleplayer cause they want to make people use the RMAH.... and then they impose a limitation on who can actually use the RMAH.

Not really seeing any sense here.

 

[Lovely Mixture]

Actually they never stated that (to my knowlege).If so I would like to see your source on it.

Everything I have seen on the reasoning of it has been "Because that is how we think Diablo should be played".

More importantly Item duping cannot cause more problems than it could with an offline mode. It can cause the same amount of problems.
If you play single player whether it being online or offline the whole point is you wouldn't interact with the dupes. Offline play would physically prevent you from interacting with other players and only playing single player would you would prevent yourself. Unless you actually take advantage of the AH or trading. It witch case you couldn't do that offline anyway.

The earliest story [http://www.1up.com/news/diablo-3-requires-online-when-playing] I could find and remember, it's sort of oddly reported but it's there. People took it that way, or at least this guy did. [http://techcrunch.com/2011/08/01/diablo-3-drm-requires-constant-internet-connection-until-you-crack-it-of-course/]

And it's been the way everyone has been taking it and how people have been arguing in favor of the always-online.

 

[saejox]

hackers don't use passwords to hack. they get you session info.
there was a bug that made it possible for people in your party to obtain your session info.
if you supply that info to server it automatically logs you in. even if you have an authenticator.

blizzard is to proud to accept they made a mistake. instead they blame users for their stupidity.

 

[Grunt_Man11]

Right, because authenticators prevented hacking entirely.....oh wait...

"Oh wait" what?

If you're talking about those claims that authenticator protected accounts got hacked, then here's something for you.

None of those claims have been confirmed, none.

Confirmation or it didn't happen.

It wouldn't be the first time people have made such lies in order to make a person/company/organization/group look bad.

Blizzard knows the authenticators are not a garentee, they have proof that it has been cracked. Its an algorithm, you pick the right one, your good to go. Just as easy as guessing a password in some cases.

Link or it didn't happen.

Keep in mind, I'm still not defending Blizzard's decision to require a constant internet connection even for single player.

I'm not naive to think that the reason for this decision wasn't because of the Real Money Auction House. It is totally the reason why they require a constant internet connection, and that one of the reasons I object to it. It's about money and control.

I'll gladly call out fear-mongering people who make claims that authenticator protected accounts are just as easily hacked as ones that aren't. Especially when they don't provide the sources of such claims. No link, no proof.

However, I'll also gladly call out Blizzard for poor business decisions that only cause legit customers grief, and I'm still not buying Diablo 3.

 

[BENZOOKA]

I haven't even contemplated on using the RMAH. If I find an incredibly hard to find item that I might get a price out of, I'll consider it.

Anyways, a good move from Blizzard. Not at all unpredictable actually.

 

[Frankster]

More like what you didn't do. There's any number of ways you could get "hacked", but the point is it didn't come from Blizzard's end, and that means there's only one end left, which is the users.

Why couldn't it have been from Blizzard's end? Companies are not infallible.

Yeh guys, about blizzard's "infaillible" security...

DAMNIT! Thread got deleted T_T
But basically blizzard forum users had found out that at one point blizzard site wasn't using a secure connection, meaning that when you were logged on to any part of the blizzard site, other users could do some l33t hack stuff (seriously, there was 4 peeps who said hacking was part of their job and they were trading technical lingo that flew right over me :\) to find out details about your account or even access some of the blizz site, including the complete list of all those who preordered diablo 3.

Fortunately thanks to those forumites who noticed it, the issue was solved relatively quickly.
And no this wasn't something from years ago, this happened LAST MONTH.

Morale of the story? Don't trust in the supposed invincibility of any security system.

 

[Kungfu_Teddybear]

people are still playing this game?

Yes, just like people are still playing Quake III. It's shocking to think that people would still be playing a game they enjoy.

 

[ToastiestZombie]

I'm still so glad I got the MGS:HD collection instead of this pile of shite. I don't care how good the game is, or how fun it is. If you have to pay to access a feature that's messing with you from the start then fuck that game. I still don't get why this hasn't caused as big as a fuss as the bloody ending to Mass Effect 3. All this just makes me pity how gamers are allowing to be trodden on.

 

[RvLeshrac]

I was very annoyed to discover the dial-in authenticator doesn't work for D3. I don't want the auction house, I just want -security-. I do not have a smart phone, and no, I am NOT paying extra to buy an extra product because YOU CAN'T MAKE YOUR GAME SECURE.

No, they are selling an extra security measure because you can't make your PC secure.

The only way to access an account is with the password. Everyone who got hacked had their password stolen

Blizzard's password system:

a) Is not case-sensitive.

b) Implements no login restrictions, meaning you can login an infinite number of times with an infinite number of incorrect passwords without any delay.

Your password doesn't need to be "stolen." The system is vulnerable to the simplest of all possible attacks.

 

[Valdus]

In all honesty the thing that bugs me most about Diablo isn't blizzard, it's the fans. Everyone knew beforehand that this game would be online only - everyone knew it would have a real money auction house (making it an ideal target for hackers).

People knew this and still bought the game. You can't complain about crap that every man and his dog predicted would happen. I never spoke to a single person who seemed convinced that things like hacking wouldn't be an issue for this game. Yet I know plenty who bought it anyway.

Forcing people to buy authenticaters? I can believe that. It's right up there with everything else blizzard has done. I can complain though, because these issues have made me not buy the game. Shame not everyone can say the same.

 

[Lovely Mixture]

That doesn't change that isn't what they are stating.

People can take it whatever way they want, it still doesn't change that they dont view Diablo 3 as an offline game. Just Like they do with WoW.

Well I wasn't arguing that, but the fact of the matter is that you can play Diablo III alone even if it isn't how isn't how it's "meant" to be played.

I also want to point out that I havn't said that, so your "everyone" isn't holding water until you point to someone actually using it.

Bad weasel word on my part. But I'll post links to the tabs I have open now on this issue. Just ctrl+f for hack, cheat, dupe, duping, etc

http://www.gamefront.com/bitching-about-diablo-3-is-allowed-advertising-in-games-can-go-to-hell/
http://eu.battle.net/d3/en/forum/topic/4551575252
http://4logpc.com/diablo-3-drm-shows-how-greedy-blizzard-has-become/
http://www.cinemablend.com/games/Diablo-3-Item-Duping-Videos-Surface-Always-DRM-Proven-Useless-43428.html
https://us.battle.net/d3/en/forum/topic/5051955806?page=3 (here people argue whether or not it's for anti-cheating or DRM)
http://www.extremetech.com/gaming/129688-why-diablo-3s-always-online-drm-is-a-good-thing/2
http://eu.battle.net/d3/en/forum/topic/4552325932

 

[DevilWithaHalo]

Yeah, no. Not even my dual-core @ 3.0Ghz can handle 1000 guesses per second.

Cute comic. If one person or program was running guesses, it might take a bit of time. But does that really matter? So it takes you a week, no big deal. It's not like you aren't running several programs accessing several accounts at once. If there isn't a bot program in place to initiate trades and exchanges, that's a bit of manual time to spend tinkering yourself. In a game where a few million people play every day, I wouldn't be surprised if a few dozen accounts were compromised to some degree or another every day.

I think it's safe to say that these "hackers" certainly have more patience then the average D3 player. That's pretty evident when you get a few dozen "I've been hacked!" threads on the forums every day.

Sadly, Blizzards response to various hacking methods, one located here; http://us.battle.net/d3/en/forum/topic/5149619664?page=13#242 are often overlooked and sometimes outright ignored. The claims regarding the added layer of authenticator security still being compromised do seem dubious. That whole session idea people are throwing around isn't how their system works to my knowledge.

Ah well, I've got stuff to do, no more rambling for me.

 

[The Great JT]

I like this idea. This way people can't make actual money by selling items stolen from good, honest people.

 

[Sean951]

I was very annoyed to discover the dial-in authenticator doesn't work for D3. I don't want the auction house, I just want -security-. I do not have a smart phone, and no, I am NOT paying extra to buy an extra product because YOU CAN'T MAKE YOUR GAME SECURE.

No, they are selling an extra security measure because you can't make your PC secure.

The only way to access an account is with the password. Everyone who got hacked had their password stolen

Bull and Shit, broseph, unique case sensitive password over 8 units with numbers, battlenet information not given out. I don't fuck with phishing scams, cycle my passwords, don't respond to e-mails from people I don't know personally (if I even read them), run commercial spyware and anti-virus software. I'm about as well protected as an -AVERAGE CONSUMER- can be and if you blame me for only being an average consumer and not tech savvy? Screw you, I shouldn't have to be. When you provide a SERVICE instead of a PRODUCT the onus is on you to provide for the lowest common denominator, let alone the average. Authenticators should be available for all games (not just WoW) for FREE for all consumers. I don't have a smartphone, so that sort of leaves me SOL.

Got to love the security industry, one of the few crimes where we blame the victim for asking for it. Guess I shouldn't have worn that trampy T-Shirt?

Authenticators are Battle.net wide, not locked to a specific game. They are also offered free for smart phones and for what amounts to S&H for people who want the key chain. I managed to go 2 years on WoW before my account was compromised, and I can pinpoint exactly when and how it happened. Then I got my authenticator like a smart customer and my account was fine for the rest of my WoW time (about another year).

People can claim they got hacked while having a protected account, but I sure as hell don't believe it. This is essentially the same technology banks and military bases use for security, so I don't think your average gold farmer is going to have the ability to break it.

 

[babinro]

I'm disappointed that this information was left off the box prior to purchase.
I also wish that authenticators would be included in boxed retail or collectors editions.

Thankfully, I'm among a small minority who don't own a cellphone and have to pay $23.00 to buy an authenticator and have it shipped to Canada. In truth, this news won't negatively impact that many people.