Blizzard Says Diablo 3 Hacking Isn't Unusual (http://www.escapistmagazine.com/news/view/117373-Blizzard-Says-Diablo-3-Hacking-Isnt-Unusual-UPDATED?fb_comment_id=fbc_10150967709736335_233417 12_10150968941906335#f2dcef821aed802)

If Blizzard, of all people, say it isn't unusual to have so much hacking going on for online games, it makes me wonder ''so how does that online-only security argument goes again? Less chances to cheat when you're forced online?''. I guess it must be that and nothing else. No one can cheat to dupe items, but the door's wide open to let people get your stuff instead! Since ya know, you can't have the ''safety'' of having your character data stored offline, let alone a back-up. Too much chances to cheat. Instead, let's compromise EVERYONE's accounts by having it online-only. Sure, there will likely be less hackers, but you can be certain that the few that will be there will ''spread the love'' of their work to anyone and everyone who wants ''accounts'' or ''rares'' since they'll be the aces of the aces.

I guess I worry too much, right? Sega's security will UNDENIABLY be 100 times the one of Blizzard, or PSO2 should be 100 times less popular than Diablo III, so that should lower the flow of ''breaches''...

I think you're worrying too much. It's extremely rare for account compromises to be the fault of the company actually holding the account. It's almost always the fault of the user. Use a strong password, and keep malware off you're computer and you shouldn't have any problems.

also dont fall for cheap tricks such as give ur username and pass for this or that. no matter how good it seems. ud think wed b past that but it works... sadly

SEGA actually isn't that great at dealing with Security. On the other hand, the real thing is that PSO2 is so underground compared to Diablo 3 that the attacks will just be lessened.

Still, Phantasy Star has seen its good share of terrible hacks. The worst of them being in PSO since no amount of help from SEGA could return your character and stuff to you.

Still, I would expect some hack attempts on this game. There just seems to be a higher ratio of successful hacks for less amount of people in a PS Online game. There will be griefers attempting to find some NOL-level hack in this game as well. Only because a PS Online game has bleed before due to Hackers and they smell blood for the next release.

as long as your password isn't frenchfries or abc123 shouldn't be too bad. I do expect to see hacks and glitchs once the game finally drops though. I think you would be foolish to NOT expect it now a days.

True. I think the Hackers will attempt to see if SEGA still has loopholes that have nothing to do with getting your account data. It's the nature of them when they know a previous game had in-game exploits that screw with other people without gaining their account access info.

Apparently whats happening in Diablo 3 is people hijacking Session IDs, which would have Blizzard at fault.


Sega's security will UNDENIABLY be 100 times the one of Blizzard

Wat.

Sega's security will UNDENIABLY be 100 times the one of Blizzard

Wat.

I was being sarcastic there ;3

[SPOILER-BOX]
Blizzard Says Diablo 3 Hacking Isn't Unusual (http://www.escapistmagazine.com/news/view/117373-Blizzard-Says-Diablo-3-Hacking-Isnt-Unusual-UPDATED?fb_comment_id=fbc_10150967709736335_233417 12_10150968941906335#f2dcef821aed802)

If Blizzard, of all people, say it isn't unusual to have so much hacking going on for online games, it makes me wonder ''so how does that online-only security argument goes again? Less chances to cheat when you're forced online?''. I guess it must be that and nothing else. No one can cheat to dupe items, but the door's wide open to let people get your stuff instead! Since ya know, you can't have the ''safety'' of having your character data stored offline, let alone a back-up. Too much chances to cheat. Instead, let's compromise EVERYONE's accounts by having it online-only. Sure, there will likely be less hackers, but you can be certain that the few that will be there will ''spread the love'' of their work to anyone and everyone who wants ''accounts'' or ''rares'' since they'll be the aces of the aces.

I guess I worry too much, right? Sega's security will UNDENIABLY be 100 times the one of Blizzard, or PSO2 should be 100 times less popular than Diablo III, so that should lower the flow of ''breaches''...[/SPOILER-BOX]

Another thing to note is that the article is saying that there is a spike in hacks when a new Blizzard product is released, like an expansion to wow, not in general.

Also take into consideration that Blizzard has more customers.
If there are more customers, more will be hacked and that many more of them will come public with 'OMG GUIS I WAS HAXORED!1'

Think about people who have nice things in games or in real life, they'll go that extra mile to show off giving an illusion "Wow, everyone has nice things but me" yet in reality the people who don't or just don't care are much greater.

A few people will always get unlucky, and those people stand out more.

just another reason d3's RMT system SEEMS LIKE THE GREATEST IDEA

EVURRRRRR

SEGA actually isn't that great at dealing with Security.I say they aren't too bad. They have got a lot better since PSO v1, update your references.

If even Blizzard states hacking is inevitable, we cannot blame SEGA for not being able to prevent cheating.

As I have always said, what makes the difference is response time.

That's good guys. That means all the hackers are going for them instead and don't have time to bug us!

The account breaches with Diablo 3 are almost certainly mostly, if not entirely, from "hackers" gaining access to people's passwords beforehand through the use of keyloggers, phishing scams, etc. There is zero evidence that anything else was going on. The whole thing has been blown way out of proportion.

Use a strong password, don't fall for phishing scams, use features like the authenticator if available, use good anti-malware software, and practice safe web habits to keep malware off your machine in the first place (such as using the no-script plug-in for Firefox).

The account breaches with Diablo 3 are almost certainly mostly, if not entirely, from "hackers" gaining access to people's passwords beforehand through the use of keyloggers, phishing scams, etc. There is zero evidence that anything else was going on. The whole thing has been blown way out of proportion.

Use a strong password, don't fall for phishing scams, use features like the authenticator if available, use good anti-malware software, and practice safe web habits to keep malware off your machine in the first place (such as using the no-script plug-in for Firefox).

if i could +rep you i would+^_^+ and my 2 cents, always check the URL at the top of the page before typing a password to make sure your on the right page+^_^+

Blizzard Says Diablo 3 Hacking Isn't Unusual (http://www.escapistmagazine.com/news/view/117373-Blizzard-Says-Diablo-3-Hacking-Isnt-Unusual-UPDATED?fb_comment_id=fbc_10150967709736335_233417 12_10150968941906335#f2dcef821aed802)

If Blizzard, of all people, say it isn't unusual to have so much hacking going on for online games, it makes me wonder ''so how does that online-only security argument goes again? Less chances to cheat when you're forced online?''. I guess it must be that and nothing else. No one can cheat to dupe items, but the door's wide open to let people get your stuff instead! Since ya know, you can't have the ''safety'' of having your character data stored offline, let alone a back-up. Too much chances to cheat. Instead, let's compromise EVERYONE's accounts by having it online-only. Sure, there will likely be less hackers, but you can be certain that the few that will be there will ''spread the love'' of their work to anyone and everyone who wants ''accounts'' or ''rares'' since they'll be the aces of the aces...

Every software has vulnerability waiting to be discovered. The real issue is social engineering meaning some people willing to report a flaw into security which can be fixed or exploit it for malicious purpose like cheating. Hacker (in this sense tinkerers) are really useful for the company because they are often quicker to create a fix or even enhance the software.

Use a strong password, don't fall for phishing scams, use features like the authenticator if available, use good anti-malware software, and practice safe web habits to keep malware off your machine in the first place (such as using the no-script plug-in for Firefox).

Or just play offline... o wait.

Point is; no offline = no safety for YOUR info, whether you practice ''make your machine a virtual fort Knox'' or not. I once ran WoW on a fresh format and nothing else ''unsafe'' and still got my account hacked anyway. Didn't have any detectable malwares either.

Not to mention nothing was ever ''remembered'' either. So where in the accursed heavens did I get a ''keylogger''? Then again, security flaws could have been from my exploitation system itself (Windows XP at the time), msn or firefox... or my anti-malware softwares (o the irony). But this just goes to show that careful or not, you're vulnerable. I accepted that reality for WoW as I figured ''well, that's an MMO, it's going to happen at some point I guess''.

But it's just that the thing which might have contributed to the ''blowing out of proportion'' of the Diablo III issue is that it wouldn't have been an existing issue had the game support offline. And seeing that, on that part, SEGA is heading down the same path with PSO2, that's what worries me. (Not to mention the issues with PSU and player rooms being robbed).

Well, let's hope for the best support from SEGA should any of that occur. Can you imagine if blizzard didn't ''fix'' people's hacked/robbed accounts? Not that I find they'd HAVE to when/if it's people's negligence, but if you're a law-abiding ''internet user'' with nothing wrongful running, just your WoW and your exploitation system, feels kind of weird to end up getting nasty surprises anyway. And if they wouldn't restore my account and character data, I'd be done paying for a game that is nothing but Russian roulette. It's something SEGA has to keep watch of, since unlike Blizzard, they won't end up with billions of people playing PSO2, and even though Blizzard DID have a tremendous popularity, they didn't let THAT be an excuse to give into shitty customer service.

But it's just that the thing which might have contributed to the ''blowing out of proportion'' of the Diablo III issue is that it wouldn't have been an existing issue had the game support offline. And seeing that, on that part, SEGA is heading down the same path with PSO2, that's what worries me. (Not to mention the issues with PSU and player rooms being robbed).
I'm with you as far as Diablo III is concerned: not allowing offline play (that's 100% separated from online play, of course) was a bullcrap move. Diablo was never a strictly online game, and in fact by Blizzard's own admission, a majority of Diablo II players never went online (and I'm sure it was even more so for Diablo 1).

However, PSO is a rather different matter. While you could play offline, PSO was always meant to be, and sold as, a cooperative online game. While I still don't agree with not providing support for (again, completely separate) offline play, I can't blame SEGA to the same degree as Blizzard with Diablo III. Further, with the F2P model, it's a little more difficult, although they could simply sell the offline mode for, say, $20, and I'm sure more than a few would shell out for that.

Plus, offline mode doesn't do anything for the security of those who want to go online.

The account breaches with Diablo 3 are almost certainly mostly, if not entirely, from "hackers" gaining access to people's passwords beforehand through the use of keyloggers, phishing scams, etc. There is zero evidence that anything else was going on. The whole thing has been blown way out of proportion.

Use a strong password, don't fall for phishing scams, use features like the authenticator if available, use good anti-malware software, and practice safe web habits to keep malware off your machine in the first place (such as using the no-script plug-in for Firefox).

That isn't really the case though, there are people that state they use strong passwords getting hacked, and even if some weren't telling the truth, a few people reported that they their account got compromised even though they used those fancy mobile authenticators you can buy.

You know, these things...

http://i.imgur.com/SH0CB.jpg

And considering these things are set to change the multi-digit authentication code over decently short periods of time it's not very likely some cases were hacked in the normal manner.

From some sources it seemed like a possibility was that hackers were somehow able to obtain access to using the account by accessing information/server permission using older play session info. How someone would access that I'm not sure of, it could be through simple player info that's already available to any player or it could be through an error/hole in the game's security. Considering the errors and some in game glitches that were apparent at launch I could see it as a probably case that Blizzard might have overlooked something in the game's system.

Hacker (in this sense tinkerers) are really useful for the company because they are often quicker to create a fix or even enhance the software.
Yup. Bank robbers are great for banks too. As are pick-pockets and cat buglars for tourists and home owners.

Hoping a game won't get hacked in like saying a new store won't get robbed. It will happen eventually, just will try my hardest to avoid.

However, PSO is a rather different matter. While you could play offline, PSO was always meant to be, and sold as, a cooperative online game. While I still don't agree with not providing support for (again, completely separate) offline play, I can't blame SEGA to the same degree as Blizzard with Diablo III. Further, with the F2P model, it's a little more difficult, although they could simply sell the offline mode for, say, $20, and I'm sure more than a few would shell out for that.

Plus, offline mode doesn't do anything for the security of those who want to go online.

You're right in both cases. Incidentally, as I could stick to offline for PSO, I wouldn't be protected if I'd want to ''go/stick to'' online. But the thing is, should I had been had online, I could decide then to stick to offline. A freedom that no longer is.

I'm still ''adapting'' to SEGA's move with PSO2. I would be fine playing PSO2 as an online-only game if I had the confidence that, say, I could have a support from SEGA similar to to the one I get from Blizzard with WoW. But should I expect much? WoW is a P2P game, then again, now F2P as well (up to level 20). As far as we know, the ''F2P'' model SEGA has is comparable to the P2P model of WoW; sure, what you pay for is different, but for the price you pay per month for WoW, it includes features which, in PSO2, you have to pay per month to maintain unlocked.

Next thing I wouldn't be surprised is if SEGA announces that from level 20 to X, Hunters are considered ''Guardians'', but hey for that, you'll need a ''licence'' to ''gain levels as Guardians''. And how you keep that? By paying a little bit more. Per month. Making it even more like WoW by being F2P... up to level 20! But now that's just me being a cynic, forgive me ^^;

On a brighter note, I would definitely pay 20$ to get me some offline mode to PSO2.

If game companies were smart they would hire these hacker/tinkerers to help improve their game's security. "It takes a thief to catch a thief" Don't get mad at them hire them. Then when you don't need them anymore make the split amicable that way you don't have some angry ex-employee coming back on you.

There was already talk of people hacking in the CB test, which is really ridiculous and quite shameful.
I think that it is bound to happen, but as long as Sega has an efficient way of dealing with it, the game won't be known as "that game that's really easy to hack because Sega doesn't do anything about it." Blizzard's system of dealing with stuff like this, the "ticket" system, is really a joke. I still have tickets about pretty severe bugs on my account from over a year ago that they just never even answered.
I think that as long as Sega stays away from stuff like that, then PSO2 won't build the reputation of an easy to hack game.

You're right in both cases. Incidentally, as I could stick to offline for PSO, I wouldn't be protected if I'd want to ''go/stick to'' online. But the thing is, should I had been had online, I could decide then to stick to offline. A freedom that no longer is.

I'm still ''adapting'' to SEGA's move with PSO2. I would be fine playing PSO2 as an online-only game if I had the confidence that, say, I could have a support from SEGA similar to to the one I get from Blizzard with WoW. But should I expect much? WoW is a P2P game, then again, now F2P as well (up to level 20). As far as we know, the ''F2P'' model SEGA has is comparable to the P2P model of WoW; sure, what you pay for is different, but for the price you pay per month for WoW, it includes features which, in PSO2, you have to pay per month to maintain unlocked.

Next thing I wouldn't be surprised is if SEGA announces that from level 20 to X, Hunters are considered ''Guardians'', but hey for that, you'll need a ''licence'' to ''gain levels as Guardians''. And how you keep that? By paying a little bit more. Per month. Making it even more like WoW by being F2P... up to level 20! But now that's just me being a cynic, forgive me ^^;

On a brighter note, I would definitely pay 20$ to get me some offline mode to PSO2.

WoW is not F2P and uses a different model. They claim 1-20 is "free to play" but they are behind the times on the language. WoW has a free trial where you can play up to 20. CoH had a free trial version as well up to lvl 14. Free to play means that all "base" level content (which leveling to max is) is free. They may however add a "planet" or a new "class" that may require you to purchase it in a one time fee.

Oh yeah... You should stop comparing anything to WoW. WoW is outside the norm by a huge factor. Nexon, Aeria, and NCsoft games are closer to what one would consider an industry norm of operation considering those 3 companies run most of the western MMORPGs.

My bad, I didn't mean indepth comparison with WoW itlself, it was mostly about the costumer service aspect and P2P model.

Yes it's a P2P and PSO2 is F2P, but like I said up there too, with WoW (and other P2P games I reckon) you don't have to PAY to be able to trade: that comes default with the game. So this is what I meant when I said they resemble each other despite PSO2 being a F2P model: to get the same amount of features - not content yet, just options to go about the content - you get them included in a subscription fee in one, or not included in the other... unless you DO want to add a subscription fee to unlock said features.

TL;DR: All I hope is that if I'm to dish out more than I am for WoW per month (or any other P2P mmo), I'm to get my money's worth with PSO2.
May it be content, feature or customer support-wise.

That isn't really the case though, there are people that state they use strong passwords getting hacked, and even if some weren't telling the truth, a few people reported that they their account got compromised even though they used those fancy mobile authenticators you can buy.
Yeah, people say all kinds of things. The problem is, there's no evidence of any of it. It's just hearsay from people on the internet. Blizzard has stated they have not had a single case reported to them that involved an account with an authenticator attached prior to the account breach (though plenty of people attached one after the fact). Sure, Blizzard could be lying, but I find that much less likely than people getting keylogged/phished and blaming Blizzard for stuff that's really their own fault. Then shit gets spread by trolls/fear-mongerers/ignorant people and suddenly it's a big thing when really it's not.
From some sources it seemed like a possibility was that hackers were somehow able to obtain access to using the account by accessing information/server permission using older play session info. How someone would access that I'm not sure of, it could be through simple player info that's already available to any player or it could be through an error/hole in the game's security.
Yeah, "from some sources" is not a source I'm willing to take seriously. Do these "sources" have any evidence to back this up or, as I'm willing to bet, are they just speculating and pointing fingers? None of the launch issues had anything to do with the authentication system, which isn't even specific to Diablo III. It's just using Bnet 2.0, which has been out for a while and I don't recall any reports of its authentication system being compromised in any way.

Apparently whats happening in Diablo 3 is people hijacking Session IDs, which would have Blizzard at fault.



Wat.

That's just a rumor - considering Blizzard has said they've found no evidence of it and nobody has offered any shred of proof that it's the case.


If game companies were smart they would hire these hacker/tinkerers to help improve their game's security. "It takes a thief to catch a thief" Don't get mad at them hire them. Then when you don't need them anymore make the split amicable that way you don't have some angry ex-employee coming back on you.

The people they hire for this almost certainly have the skillset to be hackers themselves - you can't learn how to stop hackers without learning how to hack. At least, I don't think you can. Not while understanding why you're doing what you're doing.

However, no amount of experts are ever going to stop social engineering attacks. Humans are the weak link in security, not the programs. Usually.

It's not about the F2P or P2P, Diablo 3 is B2P. I don't see a subscription model unless you bought the half cost, rent account model. In the Case of F2P, They don't resort with this "So-called hacking methods" as they see players as potential costumers, even the premiun ones. The only reason they are massively stealing account is to spam their RMT sites considering you have to buy the game per account, so it's easier for them if they just steal it from an existing users. Considering the difficulty that is for them to obtain accounts they mostly fish players that "subscribed to their 3rd party service" and decided to stop using it for a few months as they no longer see them as a potentional costumer and more of a useful account to steal for both using it for botting and nabbing all the gold inside of it. Kinda like a Mafia mob, you hire them once, you have to keep hiring them or else they break your back. At same time they recreate the official sites to fish some unlucky player that don't have the legit way of getting in and can fool them by making him think he's been busted, or that they have a management problem and contact them, having the log-in of the support site totally rigged to send away the info and a bot immediately change the password of the account registered.

But once again, this won't happen since the account making is free. Althought that also means we will have our blocks and lobbies full of gold spammers.

Have a global look such nonsense only happen in China and United State.
There maybe the same problem elsewhere but it never get big.

I bet if PSO2 stay in JP it won't have a really big problem.

Have a global look such nonsense only happen in China and United State.
If only.

If only.

My mistake. EDIT: it only happen if a game involves lots of Chinese or American.

My mistake. EDIT: it only happen if a game involves lots of Chinese or American.
Um, no.

Gameguard. That is all.

I'm still ''adapting'' to SEGA's move with PSO2. I would be fine playing PSO2 as an online-only game if I had the confidence that, say, I could have a support from SEGA similar to to the one I get from Blizzard with WoW. But should I expect much? WoW is a P2P game, then again, now F2P as well (up to level 20). As far as we know, the ''F2P'' model SEGA has is comparable to the P2P model of WoW; sure, what you pay for is different, but for the price you pay per month for WoW, it includes features which, in PSO2, you have to pay per month to maintain unlocked..

Well, when it comes to Blizzard, it's never been just about P2P in terms of how much they'll support a game. They haven't made a single game post-Vikings that they didn't support the heck out of it for years after release. P2P model or not. They do it, because that is just their model.

Yup. Former Bank robbers are great for banks too. As are former pick-pockets and ex-cat burglars for tourists and home owners.

Fixed. =D