I'm not sure I believe this story. Sound sort of like "Servers are going down, lets fake some drama to keep people watching."
Exactly. Gotta keep those YouTube counters rolling! The mortgage still comes due every month.
And to you other whiners, yes, the guy does use his position to draw attention to charitable causes. He should be commended for that. That, however, does not give him a free pass to act like a shitbag to draw said attention, which he does.
I donate to charities that get my attention with people NOT acting like a moron. Even if it is just an act.
It's all an act to generate revenue from YouTube, and some of you guys eat it up hook, line, and sinker.
In this thread, people don't understand athene is a persona, Every person who rages at him saying how he isn't the best or is stupid etc etc i laugh at, cause we know that.... it's a joke and it's funny as HELL to watch people get riled up by him.
If he did get hacked, bad luck can happen to anyone but this is more than likely a publicity act, so many people will spread the word that he got hacked people will dispute it and fight or cry and it will just be another day,
PS i don't follow athene, i don't watch his stream (except for the time they had that DS10 heroic speed run with 4 guilds) that was thanks to MMO linking it =p.
If he has one, D3 doesn't ask you for it every time you log in. The website does. But the authenticator isn't like 100% secure either, its only 6 digits. It can be defeated.
I don't understand why people can't grasp the concept of an authenticator, then they go spouting off about it like this ^ when they obviously have no idea what they're talking about. The kind of statement made above should get you banned.
An authenticator works like this:
You sit at the computer.
You start Diablo.
You type your username/password.
OH NOES! You need to enter your authenticator number!
When you press the button on the physical authenticator, the controller chip inside the authenticator generates a pseudo-random number (6 digits on the physical authenticator, 8 digits on the mobile one). On a standard 40-bit authenticator, this would provide "240" (or about a trillion) codes. They change every 60 seconds, so you will most likely never see the same number twice in about 250 years of gameplay. The battery will run out and you will die well before you see the same number again.
Anyway, this number gets displayed on the screen of the authenticator.
You type the number into the box on the screen.
This number is then checked by Blizzard's servers, which know every number combination for your authenticator and were time-synchronized before being shipped to you (or at the time of your setup for the mobile).
If the numbers match, you are then authenticated and ready to play.
In conclusion (/cheer!), I would have to know your username and password, and would also have to have a TIME-SYNCHRONIZED LIST OF TRILLIONS OF 6 TO 8 DIGIT CODES, find the one that you just entered, and enter that into another Diablo game within 60 seconds of you doing it in order to get logged in as you.
If you can do this (you can't), then you've just effectively nullified the security for big business, banking, and government installations all over the world. It is a ridiculous statement to say, "It can be defeated." with any level of certainty and without years and years of training, expensive technology, and PHYSICAL access to someone's PC.
TL;DR - GET AN AUTHENTICATOR AND STOP SPREADING LIES THAT AUTHENTICATORS HAVE/CAN BE HACKED.
He's now saying that he screwed up and showed his password and log-in during a live stream and thousands of people started cracking into his account.
I haven't seen anyone in this thread mention that he gave his own log-in info away by accident. Maybe I missed it? People have been saying he got hacked.
Please. They don't make a profit from the authenticators. I'm even surprised that more games don't have them available, either in app form or physical.
Profit is one thing, having a prophylactic to point to when substandard security procedures fail is another.
Blizzard wanted to become a full-fledged global financial services firm with the RMAH? Mission accomplished.
If he has one, D3 doesn't ask you for it every time you log in. The website does. But the authenticator isn't like 100% secure either, its only 6 digits. It can be defeated.
I don't understand why people can't grasp the concept of an authenticator, then they go spouting off about it like this ^ when they obviously have no idea what they're talking about. The kind of statement made above should get you banned.
An authenticator works like this:
You sit at the computer.
You start Diablo.
You type your username/password.
OH NOES! You need to enter your authenticator number!
When you press the button on the physical authenticator, the controller chip inside the authenticator generates a pseudo-random number (6 digits on the physical authenticator, 8 digits on the mobile one). On a standard 40-bit authenticator, this would provide "240" (or about a trillion) codes. They change every 60 seconds, so you will most likely never see the same number twice in about 250 years of gameplay. The battery will run out and you will die well before you see the same number again.
Anyway, this number gets displayed on the screen of the authenticator.
You type the number into the box on the screen.
This number is then checked by Blizzard's servers, which know every number combination for your authenticator and were time-synchronized before being shipped to you (or at the time of your setup for the mobile).
If the numbers match, you are then authenticated and ready to play.
In conclusion (/cheer!), I would have to know your username and password, and would also have to have a TIME-SYNCHRONIZED LIST OF TRILLIONS OF 6 TO 8 DIGIT CODES, find the one that you just entered, and enter that into another Diablo game within 60 seconds of you doing it in order to get logged in as you.
If you can do this (you can't), then you've just effectively nullified the security for big business, banking, and government installations all over the world. It is a ridiculous statement to say, "It can be defeated." with any level of certainty and without years and years of training, expensive technology, and PHYSICAL access to someone's PC.
TL;DR - GET AN AUTHENTICATOR AND STOP SPREADING LIES THAT AUTHENTICATORS HAVE/CAN BE HACKED.
While this is mostly 90% correct, you are wrong about one thing...
trillions of codes?
1,000,000,000,000
thats the number 1 trillion. its more then 6 digits. its more than 8 digits. 6 digits would give you 1 million codes(counting all zeros as a code as well) 8 digits would give you 100 million codes. Definitely not trillions.
Because playing a game for entertainment (when the servers actually work) should be like working for a major accounting or legal firm.
Remember - only you can help Bobby K get that next Matisse on the wall.
If you can't understand that the authenticator isn't a profit center for Blizzard, but simply a tool they provide for their customers because people who play Blizzard games are high value targets for account thieves, then there's no point in discussing anything about this with you.
the authenticator isn't a profit center for Blizzard, but simply a tool they provide for their customers
Interesting... I've had accounts which in my better days had six digits in them... yet the banks and brokers involved never tried to sell me a plastic tchotchke to compensate for their online security holes.
And, incidentally, when are you going to acknowledge that "always online" only exists because the Diablo franchise is all about seeing how much F2P type abuse the typical paying consumer will stomach instead of actually giving them a playable game? I know, asking a lab rat to visualize the nature of the experiment is a bit much, not just in terms of intellectual powers, but in terms of the psychic pain in acknowledging their fate... But, please, try.
the authenticator isn't a profit center for Blizzard, but simply a tool they provide for their customers
Interesting... I've had accounts which in my better days had six digits in them... yet the banks and brokers involved never tried to sell me a plastic tchotchke to compensate for their online security holes.
in my country that's pretty standard - all banks I deal with migrated from a simple TAN list to either an authenticator or a mobile Tan system (where you get the TAN sent per SMS to your mobile phone), without it you cannot make any transactions online.
(the problem with simple TAN lists was that people would happily enter several TANs at once into some phishing site - one of them could be used to log the customer into his real bank account and the others were stored for fraudulent withdrawals etc)
Even better, one bank requires me to use an authenticator despite not allowing me to set my own password for their online banking services which rightaway eliminates one of the major causes for "hacked" accounts (same password used on malicious or compromised site).
How else are banks going to protect themselves from users that are stupid enough to fall for the most obvious scams and oblivious to even the most simple best practices?
they can't realistically force you to patch your operating system and browser, they can't force you to run an antivirus scan, they can't force you not to reuse passwords if they allow you to set one - and yet you want them to bear the cost inflicted by incompetent users, blaming their security model?
An authenticator does nothing to protect the business from security flaws on their side - someone with access to their database does not need an authenticator to access any information within.
An authenticator does one thing only - it protects users from their own idiocy (and experience shows that this is very much required).
Why do some of these posters think Blizzard is out to get them?
They have access to your toons.
They have access to your PC.
They have access to all your in-game money and items.
They have access to your bank (through WoW or the RMAH).
How many times do you have to not get robbed by Blizzard to realize they're not out to get you?
They make a game that's fun to play for you to kill time till you die (or get a girlfriend/boyfriend that doesn't play games).
Where's the conspiracy? What are these devils after?
Let me assure you, Blizzard does not own Blackhawks. They are not outside your mom's basement looking for you now.
Damn y'all, STFU and have some fun. Get an authenticator to protect your own lootz. Stop blaming Blizzard for inventing thievery and not protecting you against it, then TRYING TO COVER UP THEIR THIEVERY-INVENTIONS.
If the product doesnt meet your expectations there isnt an hidden agenda explaining why.
Excellent point. Companies, much like humans themselves, can get old and less mentally agile, and often become downright self-destructive for reasons which outsiders find mystifying.
If he has one, D3 doesn't ask you for it every time you log in. The website does. But the authenticator isn't like 100% secure either, its only 6 digits. It can be defeated.
No. Just no. You aren't asked for it every time if Blizzard detects that you are logging in from your normal location. You are still just as secure. Also it doesn't matter that it is only 6 numbers, it is secure. (The mobile authenticator uses 8 digits).
Its secure. If someone has cracked the algorithm that generates the number then they would be breaking into banks and other places then a video game. It would also spread pretty quickly if such a thing happened and Vasco would alert the user's of their products. Just because it is only a few numbers doesn't mean it is insecure or easy to crack.
And, incidentally, when are you going to acknowledge that "always online" only exists because the Diablo franchise is all about seeing how much F2P type abuse the typical paying consumer will stomach instead of actually giving them a playable game? I know, asking a lab rat to visualize the nature of the experiment is a bit much, not just in terms of intellectual powers, but in terms of the psychic pain in acknowledging their fate... But, please, try.
Blizzard has said numerous times that they've always seen Diablo as a online only game but the technology didn't exist for its users to take full advantage of that. If diablo 2 came out now it would have been online only. The game being online only is also for more reasons then just the AH. But again the AH (both Gold and Real Money) are in response to the demands of the player base and to provide the player base with a safe and secure place to do such things.
Items for Real money was extremely common in Diablo 2 and there are people that still pay 8 dollars or more for items after all this time. Yes Blizzard is getting a cut of it, but it is also something that the players of Diablo 2 were using and like that they now have a secure way to get gold and items instead of opening themselves up to hackers and credit fraud.
If you are doing internet banking today without the use of either a physical authenticator device or a specific system that can only be accessed by your physical self then you are quite frankly asking to have your money stolen, sorry.
Interesting point. Next time I'm at the bank or broker, I'll try to explain to them that despite the fact I've had no worries or incidents with them over the past decade or two, the video game I spent $65 on a couple of weeks ago has convinced me that I need a plastic keychain to continue securely logging in on their systems.
Hopefully, they will have had their morning coffee already, so it doesn't come out their nose.
Rollback Post to RevisionRollBack
To post a comment, please login or register a new account.
Exactly. Gotta keep those YouTube counters rolling! The mortgage still comes due every month.
And to you other whiners, yes, the guy does use his position to draw attention to charitable causes. He should be commended for that. That, however, does not give him a free pass to act like a shitbag to draw said attention, which he does.
I donate to charities that get my attention with people NOT acting like a moron. Even if it is just an act.
It's all an act to generate revenue from YouTube, and some of you guys eat it up hook, line, and sinker.
BurningRope#1322 (US~HC) Request an invite to the official (NA) <dfans> Clan
That was the story from the start? They've been live streaming everyday for like a month.
If he did get hacked, bad luck can happen to anyone but this is more than likely a publicity act, so many people will spread the word that he got hacked people will dispute it and fight or cry and it will just be another day,
PS i don't follow athene, i don't watch his stream (except for the time they had that DS10 heroic speed run with 4 guilds) that was thanks to MMO linking it =p.
I don't understand why people can't grasp the concept of an authenticator, then they go spouting off about it like this ^ when they obviously have no idea what they're talking about. The kind of statement made above should get you banned.
An authenticator works like this:
You sit at the computer.
You start Diablo.
You type your username/password.
OH NOES! You need to enter your authenticator number!
When you press the button on the physical authenticator, the controller chip inside the authenticator generates a pseudo-random number (6 digits on the physical authenticator, 8 digits on the mobile one). On a standard 40-bit authenticator, this would provide "240" (or about a trillion) codes. They change every 60 seconds, so you will most likely never see the same number twice in about 250 years of gameplay. The battery will run out and you will die well before you see the same number again.
Anyway, this number gets displayed on the screen of the authenticator.
You type the number into the box on the screen.
This number is then checked by Blizzard's servers, which know every number combination for your authenticator and were time-synchronized before being shipped to you (or at the time of your setup for the mobile).
If the numbers match, you are then authenticated and ready to play.
In conclusion (/cheer!), I would have to know your username and password, and would also have to have a TIME-SYNCHRONIZED LIST OF TRILLIONS OF 6 TO 8 DIGIT CODES, find the one that you just entered, and enter that into another Diablo game within 60 seconds of you doing it in order to get logged in as you.
If you can do this (you can't), then you've just effectively nullified the security for big business, banking, and government installations all over the world. It is a ridiculous statement to say, "It can be defeated." with any level of certainty and without years and years of training, expensive technology, and PHYSICAL access to someone's PC.
TL;DR - GET AN AUTHENTICATOR AND STOP SPREADING LIES THAT AUTHENTICATORS HAVE/CAN BE HACKED.
I haven't seen anyone in this thread mention that he gave his own log-in info away by accident. Maybe I missed it? People have been saying he got hacked.
BurningRope#1322 (US~HC) Request an invite to the official (NA) <dfans> Clan
Because playing a game for entertainment (when the servers actually work) should be like working for a major accounting or legal firm.
Remember - only you can help Bobby K get that next Matisse on the wall.
I meant "cracking" as in they got crackin on it....as in ....in a hurry. Bad choice of words I suppose.
But yea, what I meant it that he didn't get hacked like everyone was saying. He accidentally gave it away.
BurningRope#1322 (US~HC) Request an invite to the official (NA) <dfans> Clan
Profit is one thing, having a prophylactic to point to when substandard security procedures fail is another.
Blizzard wanted to become a full-fledged global financial services firm with the RMAH? Mission accomplished.
While this is mostly 90% correct, you are wrong about one thing...
trillions of codes?
1,000,000,000,000
thats the number 1 trillion. its more then 6 digits. its more than 8 digits. 6 digits would give you 1 million codes(counting all zeros as a code as well) 8 digits would give you 100 million codes. Definitely not trillions.
If you can't understand that the authenticator isn't a profit center for Blizzard, but simply a tool they provide for their customers because people who play Blizzard games are high value targets for account thieves, then there's no point in discussing anything about this with you.
Interesting... I've had accounts which in my better days had six digits in them... yet the banks and brokers involved never tried to sell me a plastic tchotchke to compensate for their online security holes.
And, incidentally, when are you going to acknowledge that "always online" only exists because the Diablo franchise is all about seeing how much F2P type abuse the typical paying consumer will stomach instead of actually giving them a playable game? I know, asking a lab rat to visualize the nature of the experiment is a bit much, not just in terms of intellectual powers, but in terms of the psychic pain in acknowledging their fate... But, please, try.
But alienating customers and tarnishing a brand for a one-time 350 mil at the expense of an annual 1.5 bil is a little counterintuitive, isn't it?
in my country that's pretty standard - all banks I deal with migrated from a simple TAN list to either an authenticator or a mobile Tan system (where you get the TAN sent per SMS to your mobile phone), without it you cannot make any transactions online.
(the problem with simple TAN lists was that people would happily enter several TANs at once into some phishing site - one of them could be used to log the customer into his real bank account and the others were stored for fraudulent withdrawals etc)
Even better, one bank requires me to use an authenticator despite not allowing me to set my own password for their online banking services which rightaway eliminates one of the major causes for "hacked" accounts (same password used on malicious or compromised site).
How else are banks going to protect themselves from users that are stupid enough to fall for the most obvious scams and oblivious to even the most simple best practices?
they can't realistically force you to patch your operating system and browser, they can't force you to run an antivirus scan, they can't force you not to reuse passwords if they allow you to set one - and yet you want them to bear the cost inflicted by incompetent users, blaming their security model?
An authenticator does nothing to protect the business from security flaws on their side - someone with access to their database does not need an authenticator to access any information within.
An authenticator does one thing only - it protects users from their own idiocy (and experience shows that this is very much required).
They have access to your toons.
They have access to your PC.
They have access to all your in-game money and items.
They have access to your bank (through WoW or the RMAH).
How many times do you have to not get robbed by Blizzard to realize they're not out to get you?
They make a game that's fun to play for you to kill time till you die (or get a girlfriend/boyfriend that doesn't play games).
Where's the conspiracy? What are these devils after?
Let me assure you, Blizzard does not own Blackhawks. They are not outside your mom's basement looking for you now.
Damn y'all, STFU and have some fun. Get an authenticator to protect your own lootz. Stop blaming Blizzard for inventing thievery and not protecting you against it, then TRYING TO COVER UP THEIR THIEVERY-INVENTIONS.
Excellent point. Companies, much like humans themselves, can get old and less mentally agile, and often become downright self-destructive for reasons which outsiders find mystifying.
No. Just no. You aren't asked for it every time if Blizzard detects that you are logging in from your normal location. You are still just as secure. Also it doesn't matter that it is only 6 numbers, it is secure. (The mobile authenticator uses 8 digits).
http://www.vasco.com/products/client_products/single_button_digipass/digipass_go6.aspx
http://www.vasco.com/Images/DP GO6 - DS201007-v1.pdf
Its secure. If someone has cracked the algorithm that generates the number then they would be breaking into banks and other places then a video game. It would also spread pretty quickly if such a thing happened and Vasco would alert the user's of their products. Just because it is only a few numbers doesn't mean it is insecure or easy to crack.
Blizzard has said numerous times that they've always seen Diablo as a online only game but the technology didn't exist for its users to take full advantage of that. If diablo 2 came out now it would have been online only. The game being online only is also for more reasons then just the AH. But again the AH (both Gold and Real Money) are in response to the demands of the player base and to provide the player base with a safe and secure place to do such things.
Items for Real money was extremely common in Diablo 2 and there are people that still pay 8 dollars or more for items after all this time. Yes Blizzard is getting a cut of it, but it is also something that the players of Diablo 2 were using and like that they now have a secure way to get gold and items instead of opening themselves up to hackers and credit fraud.
Interesting point. Next time I'm at the bank or broker, I'll try to explain to them that despite the fact I've had no worries or incidents with them over the past decade or two, the video game I spent $65 on a couple of weeks ago has convinced me that I need a plastic keychain to continue securely logging in on their systems.
Hopefully, they will have had their morning coffee already, so it doesn't come out their nose.