According to their policy, you are only allowed a rollback twice in your entire lifetime. With the high amount of hacking going on in their game, this policy is absolutely inane. In essence, what I'm really saying is that you can get hacked at any time regardless of whether you have an authenticator or not or even if you follow their security FAQ. When you do hacked, you need to wait 2-3 days before you actually get a response (whenever I got hacked in WoW, my issues were resolved in under two hours). Then, there's a chance that you will either not get your stuff back at all or you'll only get 80% of your stuff back. And lastly, you can only get your stuff back twice in your entire lifetime.
There's nothing at all wrong with that policy. Clean up your security, and you won't have an issue. I've had a bnet account with WoW, SC2, and now D3 on it since they merged the WoW accounts (I think) three years ago, and had a WoW account since 2005. I've never been hacked on any of those. .
I have three Blizzard games in one Bnet account, plus I have the keys to D2, SC1, and WC3 also on that same Bnet account so I can download no-CD versions. On top of that there's my daughters' account with WoW and SC2 on it. If there was a Blizzard security problem that let the hackers get into the player info, I'd be a great target, with all those on the same account, after all. I'd be a good target, but I've never been touched on either account, because I actually take responsibility for my own security. I suggest you do the same, and quit whining and looking for someone else to blame your problems on, or, quit playing and get over it.
you dont get the point you are not a good target just because you have sc1 sc2 and the rest they dont care they cant sell your account your name is imprinted on it ... and you cannot change it ...
what they want is you character and the gold you are just lucky ... his security is fine it is just about luck .... unless you use multiple proxy or use a server that totally block any intruder you are at risk the authenticator cannot help all the time most of the hacked people had one and they all bypassed it ... its all about being chosen by the hacking company or not just for further analysys their method is pretty simple there are multiple person working at the same time most times if you have a 60 they will use him as a power leveler
step one get into ur email
step two post multiple emails as referee soo they cant lose it
step 3 go into your battlenet account and change password
step 4 if you log in during that they will change the password whilee u scream in anger and simply log back in and strip everything in a matter of seconds
step 5 change everything and focus on the email
step 6 it has been done resume the pwoerleveling since they cant do anything
Session spoofing isn't whats causing this. Thanks for proving even more that you are a total ignoramus when it comes to computers. Every case has happened with a password being put in, session spoofing would not require a PW being put in, people would not have their PW changed with session spoofing.
Way to be a blind sheep and just believe everything you see.
Especially taking advice from Dark Mage who is a pill fiend, about as trust worthy as Whitney Huston with a bag of crack. They don't have any proof, the guy says he could list a dozen flaws as to why it's not safe to play public games, and when called out he gives 1 half ass reason.
I'll take my advice from some one who isn't a drug addict, thanks.
You providing that link is like trying to prove the holocaust didn't happen by linking to a forum for anti-zionist holocaust deniers.
My comment on some one who as stupid as you, but is employed by Forbes (GOD BLESS AMERICA):
I really do hate to break it to you, but it really is all the customers fault. If you had bothered to do ANY kind of research, you would have found this:
" In all of the individual Diablo III-related compromise cases we've investigated, none have occurred after a physical Battle.net Authenticator or Battle.net Mobile Authenticator app was attached to the player's account, and we have yet to find any situation where a Diablo III player's account was accessed outside of "traditional" compromise methods (i.e. someone logging using an account's login email and password)."
Session spoofing is at a level of technically impossible. The hackers do not have access to some "magic" list of passwords that they can just easily go through and find one and just pick accounts at random.
This is the exact same thing that happens when a World of Warcraft expansion is released, the demand for virtual goods for real life cash sky rockets, giving companies that sell them a great reason to use key logging to start raking in the dough, both virtual and real.
Authenticators should not be standard, in the end it is up to YOU to keep your account secure, not blizzard. Blizzard sells these tokens at cost, all you pay for is the shipping, and if you have an Android/iOS phone the authenticator is 100% free.
As for your statement on "Behavioral" patterns that need to be recognized, such as stripping your character to sell items, the game can not identify that you are doing that. The game can:
A) Identify you are removing gear
Identify that you are selling gear
The game can NOT:
A) Identify you are removing gear to sell
Identify that the gear you are selling was the gear you were just wearing.
I myself have striped my character naked and sold my gear after I have wrangled up a bunch of nice upgrades.
In the long run, players "Feel the need to berate" those who have been hacked because a lot of them go around instantly blaming Blizzard instead of themselves. It's human nature to be embarrassed of shame, so what is the easiest route to take? Blame some one else, of course!
"It’s like driving by a car accident and laughing at the injured driver for assuredly texting behind the wheel, when really they were slammed into by a drunk."
It's more like driving by a car accident and laughing at the drunk who ran into the poll and is blaming the car manufacturer for the accident.
"Blizzard does not make passwords case sensitive, or why hacked accounts are only having one character stripped when access to a password should mean everything can be looted.
1) case sensitive passwords do nothing but add a false sense of security, and only stop brute force attacks, of which these are not because there are a set limit of login attempts.
2) Only one character is being striped because that is all they usually have time for. Most items will be in the stash, which is shared among all characters. All gold as well is account wide. They will simply pick 1 character, strip all the gear, take the gear from the stash, and move on. It's called efficiency. The longer the time they are on the account, the more likely they are to get caught. The faster a thief moves, the more he can steal another day.
"Personally, I’d love to take responsibility for being hacked. I’d love to find a virus or keylogger on my computer I could warn others about."
The main problem with these, is when you are running Virus/Malware scans, the only way the scanner is going to pick it up is if it KNOWS of the virus. It is wholly possible that this is a brand new type going around, and has yet to be included in any updates with these products. You can say "I've never gone to shady sites, or replied to shady emails." but most of these attacks come through thinks such as Flash vulnerabilities.
"it’s fair to question just how well accounts are protected by those who make the game itself"
Blizzard has stated over and over again that there are no problems on there side. Do you honestly think a corporation is going to dig themselves a hole THIS big over something like this? You are dealing with a corporation, not a five year old who got his hand caught in the cookie jar.
In closing, I'd like to state that it seems your article is filled with a lot of angst, and I believe this anger is corrupting your ability to be a journalist. In this case, account security is up to the owned of the account, and not Blizzard. Do yourself a favor, buy the authenticator (AT COST TO BLIZZARD) and secure your own damn account.
I would like to say that I got an authenticator when I heard about people getting hacked. Then, a few days later. I got hacked anyway. I don't give my account information to anyone. I don't click on phising scans. I have an anti-virus installed and scan regularly every single week. I've changed my battlnet password. Despite all of this, I still got hacked and lost everything and Blizzard is still not getting back to me.
BackForJustice, do not listen to a majority of these douchebags replying to you. They're just sitting on their highhorse because they think they're hot shit just because they didn't get hacked. The real blame of your problem is the hacker himself. It is the hacker who did this to you and it is his fault. However, I will say that it is Blizzard's job to mitigate the threat of hacking. I have played several MMO's, I have three emails, a twitter, and a facebook, and many other accounts. The only accounts of mine that have gotten hacked are ones associated with Blizzard. So you have every right to be upset. I will say this now so you know: you will get hacked regardless of whether you have an authenticator or not.
Once again, I empathize with your situation because I got hacked even WITH an authenticator on my account. And for everyone who doesn't know Blizzard's policy on what they do when you get hacked, here it is: Blizzard does one of two things. 1) They rollback your character to a save point. This causes you to receive only 80% of your inventory and gold back. 2) They give you nothing at all. If you want proof about option 2, let me show you an actual customer service ticket that one of my friends received:
Hey there!
Thanks for reaching out to us about your Diablo III account, I hope you’ve been enjoying the game. I’m really sorry to hear about the losses you’ve reported and I appreciate the patience you’ve shown us while this was investigated for you. Compromise Restorations for Diablo III accounts are based on automatically saved restoration points. Restorations are provided by rolling the account back to one of these good restoration points. Any progress earned after a during or after compromise is lost when these rollbacks are performed.
However, after a thorough review of your account, we determined that a restoration point does not exist. As a result, the restoration you are requesting could not be provided and I am really very sorry for any inconvenience this may cause for you. Fortunately, part of the fun of Diablo is smashing demons to bits to find awesome items and acquire gold - so while this is definitely a setback, hopefully recovering from it will prove just as fun as before.
According to their policy, you are only allowed a rollback twice in your entire lifetime. With the high amount of hacking going on in their game, this policy is absolutely inane. In essence, what I'm really saying is that you can get hacked at any time regardless of whether you have an authenticator or not or even if you follow their security FAQ. When you do hacked, you need to wait 2-3 days before you actually get a response (whenever I got hacked in WoW, my issues were resolved in under two hours). Then, there's a chance that you will either not get your stuff back at all or you'll only get 80% of your stuff back. And lastly, you can only get your stuff back twice in your entire lifetime.
I still fail to understand how you can get hacked with an Authenticator :/
I think people with internet security seems to think it will never happen to them until it does. I know i was one of them. I had my account in another MMO get compromised. I had security avast. That MMO EVE has no authenticators. I bougth ESET and since then have had no problems. You get what you pay for. Also blizzard offers the authenticators. Why people do not buy them i will never know.
The only authenticators to get hacked where the call in ones which are really not authenticators. That was from a blue post. They said no one has hacked the authenticators ordered.
The only authenticators to get hacked where the call in ones which are really not authenticators. That was from a blue post. They said no one has hacked the authenticators ordered.
The ones used now were hacked a couple times in early WoW Bnet times, *but*, the way it was done still required the client machine to be compromised, so that the login network traffic could be redirected to the hackers, not to Blizzard. So, the hackers would get the login, the password, and the authenticator number, and immediately log in *in real time* before the authenticator number expires, meanwhile giving the user an error. This is called man-in-the-middle, and, it really didn't 'hack the authenticators', it just stole their information in another way that still involved bad end-user security.
As you can see, this is a real pita, compared to automated ways that they can get login/password info via automated means and use them on no-authenticator accounts, so it's not used very much, and, I think Blizzard has done something to make even this not work, because no authenticator-attached accounts have been hacked, according to Blizzard, since the ones I'm talking about above, and that's been a year or two now.
As far as the OP, I'll believe he got hacked with an authenticator attached to his account *before the compromise* when Blizzard says it happened. If it had really happened that way, he would already have his stuff back, and they'd be looking at his machine to figure out how and why. Not just a form-letter response. That signifies to me that he's lying about the authenticator. If there's one on the account, it wasn't attached at the time of compromise.
Rollback Post to RevisionRollBack
To post a comment, please login or register a new account.
you dont get the point you are not a good target just because you have sc1 sc2 and the rest they dont care they cant sell your account your name is imprinted on it ... and you cannot change it ...
what they want is you character and the gold you are just lucky ... his security is fine it is just about luck .... unless you use multiple proxy or use a server that totally block any intruder you are at risk the authenticator cannot help all the time most of the hacked people had one and they all bypassed it ... its all about being chosen by the hacking company or not just for further analysys their method is pretty simple there are multiple person working at the same time most times if you have a 60 they will use him as a power leveler
step one get into ur email
step two post multiple emails as referee soo they cant lose it
step 3 go into your battlenet account and change password
step 4 if you log in during that they will change the password whilee u scream in anger and simply log back in and strip everything in a matter of seconds
step 5 change everything and focus on the email
step 6 it has been done resume the pwoerleveling since they cant do anything
you are obviously just a big troll and an idiot please go roam eslewhere ... maybe go to 9gag they love trolls there ...
Logic makes me a troll?
Idiocracy is starting to look like a grim glimpse at humanity's future.
ill leave this here
read an you will understand ...
Way to be a blind sheep and just believe everything you see.
Especially taking advice from Dark Mage who is a pill fiend, about as trust worthy as Whitney Huston with a bag of crack. They don't have any proof, the guy says he could list a dozen flaws as to why it's not safe to play public games, and when called out he gives 1 half ass reason.
I'll take my advice from some one who isn't a drug addict, thanks.
You providing that link is like trying to prove the holocaust didn't happen by linking to a forum for anti-zionist holocaust deniers.
My comment on some one who as stupid as you, but is employed by Forbes (GOD BLESS AMERICA):
http://www.forbes.co...ck-stops-where/
I still fail to understand how you can get hacked with an Authenticator :/
The ones used now were hacked a couple times in early WoW Bnet times, *but*, the way it was done still required the client machine to be compromised, so that the login network traffic could be redirected to the hackers, not to Blizzard. So, the hackers would get the login, the password, and the authenticator number, and immediately log in *in real time* before the authenticator number expires, meanwhile giving the user an error. This is called man-in-the-middle, and, it really didn't 'hack the authenticators', it just stole their information in another way that still involved bad end-user security.
As you can see, this is a real pita, compared to automated ways that they can get login/password info via automated means and use them on no-authenticator accounts, so it's not used very much, and, I think Blizzard has done something to make even this not work, because no authenticator-attached accounts have been hacked, according to Blizzard, since the ones I'm talking about above, and that's been a year or two now.
As far as the OP, I'll believe he got hacked with an authenticator attached to his account *before the compromise* when Blizzard says it happened. If it had really happened that way, he would already have his stuff back, and they'd be looking at his machine to figure out how and why. Not just a form-letter response. That signifies to me that he's lying about the authenticator. If there's one on the account, it wasn't attached at the time of compromise.