Yes its all Anets fault that people use gold sellers and hand them their info, bots with keyloggers attached (ie drunkard), and using the same details on ANY froum or site that they use to login with which are have far far weaker security than NCSOFT and ultimately who they're targetting. Don't blame Anet cos your not smart, thank them for educating you on protecting your personal info. You could loose your GW account but there are far harsher lessons that could be learnt if you get your ID or bank acc stolen through your naivety of leaving your real life info for everyone to find.
My login e-mail no longer exists and won't be found on any existing site either, and doesn't match the e-mail on my ncsoft acc which also isn't used on any other site. My password is unique to GW only, and i don't mean i usually use 1234 but went with 4321 this time lol, its unique, something only I could come up with
The password system is fine, its the user thats the problem. I have a couple of hundred farming videos on youtube, you can be pretty sure that hackers have come across my channel, the fact i haven't been hacked is because i haven't been stupid enough to use the same info or anything that hints at my details, Bogus Dude is all your gonna find and that ain't gonna get you far. They can't hack my account they can only phish for my details or hack sites i'm attached to like this, none of which use my login details
Fed up with account "security"
BogusDude
BogusDude
Quote:
|
Originally Posted by Evil_Necro
So, we don't even know what happened here. Why is it that yesterday he can logged in? Why today his account was blocked? Anyway.. I don't mean to complain, I just want to share story here that has little relation with this topic. |
Quote:
|
Originally Posted by Evil_Necro
Maybe Anet can do Apple-like-solution by giving number of authorized PC. Like 2 PCs or something..
|
cataphract
Quote:
|
Originally Posted by Ximvotn
I agree with most of this. However, for a virus to be in an online database, it must be caught first. This is where there is room for error and scrutiny of security. There's a chance your or my antivirus could be slower to updating their virus definitions then other antivirus software.
|
Quote:
|
Originally Posted by Evil_Necro
"While I would like to replace your items, the Guild Wars Support Team does not have the capability to replace characters or items, whether they are lost through the actions of unfriendly players, deletion accidents, or through other means.
Here are some tips to help you protect your account and keep your computer secure." |
BogusDude
LOL yeh like every other game can except guild wars, like they didn't make loads of duped armbraces disappear. They couldn't create a basic startup package with a key? Not that i think they should unless its they're servers that are hacked, which isn't the case.
Iuris
Quote:
|
Originally Posted by cataphract
I always start frantically looking for my Bullshit button when I read this.
|
cataphract
I'm-bashing-my-face-against-the-keyboard-type-of-bullshit.
Lucci_Slevin
For those who were not around, Gaile mentioned during the hack scare a couple years back that there is an anti-bruteforcing system built into the log-in.
It should be noted that in addition to ripping the database, there are ways to siphon the log-in info server-sided(not from your comp) as users log-in to a website. Be it automatic log-in or no.
Guru was attacked in such a way a couple years ago.
Those two ways and phishing are the most common methods you will hear about.
Trojans are rare but they happen.
I have never heard of a case where a game log-in was brute forced. Brute forcing exists but is not usually used in this context because there are defenses against it. It is mainly used to crack data encryption.
So the bottom-line is if you keep you GW PW, unique to GW you should be ok.
Quote:
|
Originally Posted by Ximvotn
I agree with most of this. However, for a virus to be in an online database, it must be caught first. This is where there is room for error and scrutiny of security. There's a chance your or my antivirus could be slower to updating their virus definitions then other antivirus software.
|
Guru was attacked in such a way a couple years ago.
Those two ways and phishing are the most common methods you will hear about.
Trojans are rare but they happen.
I have never heard of a case where a game log-in was brute forced. Brute forcing exists but is not usually used in this context because there are defenses against it. It is mainly used to crack data encryption.
So the bottom-line is if you keep you GW PW, unique to GW you should be ok.
Urcscumug
Quote:
|
Originally Posted by BogusDude
LOL yeh like every other game can except guild wars, like they didn't make loads of duped armbraces disappear.
|
Quote:
|
Originally Posted by cataphract
I always start frantically looking for my Bullshit button when I read this.
|
And it gets even more complicated. Some people may lie about lost items; how do you make 100% sure? And once an item is given away it may change hands many times, or transform into other items and money, which in turn change hands and so on -- to revert such changes is quite hard and unfair on all the other players.
So I believe them when they say "we can't do this". Because I take it to mean "we didn't put in any backup system because it was too complicated, we wanted to keep things simple, and there's limited use for it".
You may not like that answer, but it's not bullshit.
BladeDVD
Quote:
|
Originally Posted by Urcscumug
It's not bullshit. For a backup system you need to either (1) record all the changes to all the items, all the time or (2) store snapshots of certain items at certain times. In case of something bad happening you go back in the history for version 1, or you restore the snapshot for version 2. It's not easy to make something like this.
And it gets even more complicated. Some people may lie about lost items; how do you make 100% sure? And once an item is given away it may change hands many times, or transform into other items and money, which in turn change hands and so on -- to revert such changes is quite hard and unfair on all the other players. So I believe them when they say "we can't do this". Because I take it to mean "we didn't put in any backup system because it was too complicated, we wanted to keep things simple, and there's limited use for it". You may not like that answer, but it's not bullshit. |
It's a shame they don't have it in GW and I hope they can do better in GW2, but, to use a tired cliche, it is what it is.
Emperor Bush
Evil_Necro
heh..? so... they can restore money? I'm confused.. what's the story behind that screenshot please? 
cthulhu reborn
Quote:
|
Originally Posted by Evil_Necro
heh..? so... they can restore money? I'm confused.. what's the story behind that screenshot please?
|
cataphract
Quote:
|
Originally Posted by Urcscumug
It's not bullshit. For a backup system you need to either (1) record all the changes to all the items, all the time or (2) store snapshots of certain items at certain times. In case of something bad happening you go back in the history for version 1, or you restore the snapshot for version 2. It's not easy to make something like this.
|
Quote:
|
Originally Posted by Urcscumug
And it gets even more complicated. Some people may lie about lost items; how do you make 100% sure? And once an item is given away it may change hands many times, or transform into other items and money, which in turn change hands and so on -- to revert such changes is quite hard and unfair on all the other players.
|
Quote:
|
Originally Posted by Urcscumug
So I believe them when they say "we can't do this". Because I take it to mean "we didn't put in any backup system because it was too complicated, we wanted to keep things simple, and there's limited use for it".
You may not like that answer, but it's not bullshit. |
Iuris
First, having a system of full server backup is different from a system that can make changes on a small scale, say per-item basis. Also, a server backup will be a snapshot of the entire server at regular intervals. If you roll back, ALL the transactions and achievements go down the drain, essentially pissing off EVERYONE else except the guy who lost his account. Kind of a big sacrifice.
Second, gold is different from items. Gold, you can restore, since it's generic. If you restore an item, however, you either dupe a new item or must take away the original item that may well be in the hands of an honest third player by now.
Second, gold is different from items. Gold, you can restore, since it's generic. If you restore an item, however, you either dupe a new item or must take away the original item that may well be in the hands of an honest third player by now.
cataphract
Quote:
|
Originally Posted by Iuris
First, having a system of full server backup is different from a system that can make changes on a small scale, say per-item basis.
|
Quote:
|
Originally Posted by Iuris
Also, a server backup will be a snapshot of the entire server at regular intervals. If you roll back, ALL the transactions and achievements go down the drain, essentially pissing off EVERYONE else except the guy who lost his account. Kind of a big sacrifice.
|
Quote:
|
Originally Posted by Iuris
Second, gold is different from items. Gold, you can restore, since it's generic. If you restore an item, however, you either dupe a new item or must take away the original item that may well be in the hands of an honest third player by now.
|
Urcscumug
I have some knowledge in this field. Both Iuris and I have given you perfectly valid explanations. Is it possible? Of course. Is it there and usable right now? Unlikely. There's quite a gap between theory on paper and real world implementation, and even when it's done, there's various degrees of how it works. This particular problem is a hard one. For various reasons I can only guess at, ANet doesn't have it up and working the way you want it. IMHO that's more likely than them being lazy bastards who can't be arsed to use it.
But if you really, really want to believe they are, I don't know what more we can say that will change your mind.
But if you really, really want to believe they are, I don't know what more we can say that will change your mind.
Iuris
Quote:
|
Originally Posted by cataphract
Technology required to recover single items from backups exists. Also, we're not talking about server but a database backup. And they don't get backed-up using a full backup every single time. That's what we have logs for.
|
Quote:
| Again, server backup is totally different from a database backup. And I wasn't talking about rolling back when someone gets hacked, pay attention please. |
Quote:
| You cannot "dupe a new item". Duping is the process of duplicating an existing item. New items are created. And every single one of them has an identifier which you use for tracking and logging. Restoring isn't either duping or creating, it's restoring ffs |
Also, while details of GW's server side data are not known, the little I've read indicates that the BLOBs that are our characters don't track items individually, which might explain why all the trouble with the mausoleum triples.
Now, I'm not saying that it's not possible to program such a tool that would allow such a functionality - I'm just saying that I believe Anet when they say they don't have one and understand why it may not be worth it to create it now.
cataphract
Quote:
|
Originally Posted by Urcscumug
I have some knowledge in this field.
|
Quote:
|
Originally Posted by Iuris
Having a server state backup is entirely different from having whole transaction logs. Also, having a mechanism for restoring a whole server is different from having a mechanism for restoring a single character.
|
Quote:
|
Originally Posted by Iuris
And I was telling you that the fact that they have a way to roll back a whole server doesn't mean they have a way to roll back individual transactions! YOU pay attention.
|
Quote:
|
Originally Posted by Iuris
You really don't know what you are talking about. Account is taken over, the "thief" then starts to sell items to convert them into cash. He gets cash/ectos, the other party gets items. To "restore" these items, you can either A) "reverse" the transaction, which means all the people who bought these items and had no idea the account had been stolen suddenly find their items missing, inconveniencing them or B) leave the traded items where they are and just create new ones in the inventory of the person whose account got stolen. This would create a duplicate of the item.
|
Quote:
|
Originally Posted by Iuris
Now, I'm not saying that it's not possible to program such a tool that would allow such a functionality - I'm just saying that I believe Anet when they say they don't have one and understand why it may not be worth it to create it now.
|
Also, it might be worth your while to note that I do not have any problems with your beliefs as you have with mine.
Silmar Alech
I don't understand that lengthy discussion about technical details about item/character/account restauration. It's not something we consumers can speculate about. Arenanet doesn't want to restore, so they are not doing it. It's their decision and became their policy. The question is irrelevant if it is theoretically possible to implement such feature, or if its already implemented but not used.
If they want it, and it's not implemented, they would implement it. But up to now, they don't want it, so they're not doing it. If you see rare reports about money restoration, it may be goodwill from their side, or fake screenshots, or a violation of the service process from support staff in favour to the user. We don't know. But nothing that is a regular service process everyone can benefit from.
If they want it, and it's not implemented, they would implement it. But up to now, they don't want it, so they're not doing it. If you see rare reports about money restoration, it may be goodwill from their side, or fake screenshots, or a violation of the service process from support staff in favour to the user. We don't know. But nothing that is a regular service process everyone can benefit from.
Iuris
Quote:
|
Originally Posted by cataphract
And I stated that no one in their right mind would gimp themselves so much as to not be able to create, undelete and recover items. WTB Attention much?
I was talking about the impossibility that any developer would fail to program in ways to create and undelete stuff. Srsly, pay attention. Or stop trolling. Or both. |
If you plan on one from the start, it's easily done. If you don't and only consider
items as a part of the character BLOB and base your security there, then it can be nigh impossible to do it. Not without reworking the entire engine, and that may well be something that would require a full GROUP of programmers and take them a long time.
It's just like an auction house. It's unimaginable that Anet didn't consider the need to implement one - and yet they didn't. And now we can't have one until GW2, because it would simply take too much effort.
So, I find it completely plausible that Anet would, in the age where item duping was a major concern, focus on making an airtight item system and never consider the possiblity that some idiot would share out his account password.
But, if you want to, go ahead and believe what you want. Anet don't seem to mind
cataphract
Is airtight really the word you'd choose to describe this system after all the duping? O_o
Matirion Maeronta
Quote:
|
Originally Posted by Silmar Alech
I don't understand that lengthy discussion about technical details about item/character/account restauration. It's not something we consumers can speculate about. Arenanet doesn't want to restore, so they are not doing it. It's their decision and became their policy. The question is irrelevant if it is theoretically possible to implement such feature, or if its already implemented but not used.
If they want it, and it's not implemented, they would implement it. But up to now, they don't want it, so they're not doing it. If you see rare reports about money restoration, it may be goodwill from their side, or fake screenshots, or a violation of the service process from support staff in favour to the user. We don't know. But nothing that is a regular service process everyone can benefit from. |
Emperor Bush
Quote:
|
Originally Posted by cthulhu reborn
Anyone can make a screenshot like that. So there's no telling whether this is a fake nor not. My feeling is that it is a fake.
|
He then found out a bunch of his ectos were missing, presumably the ectos they accused him of getting illegally. He complained, and they put that money back in his account.
It is 100% a real screenshot.
Iuris
Quote:
|
Originally Posted by cataphract
Is airtight really the word you'd choose to describe this system after all the duping? O_o
|
Div
Quote:
|
Originally Posted by End
62^13 or 200,028,539,268,669,788,905,472
|
It ends up being a little more than what you had, or about 203 x 10^21 combinations. It's definitely hackable, but the point is that alphanumeric isn't the main problem here.
Sounds like OP is mad.
End
Quote:
|
Originally Posted by Div
Because you can choose anything between 8-13 characters, the total number of possibilities is actually 62^8+62^9...62^13
It ends up being a little more than what you had, or about 203 x 10^21 combinations. It's definitely hackable, but the point is that alphanumeric isn't the main problem here. Sounds like OP is mad. |