Originally posted by Phry

sometimes wonder if they didnt ought to make  everyone take phishing recognition courses, of course a lot of it is common sense, but how often must blizzard have to deal with this kind of thing, along with other online services etc, i doubt whether its relegated to just online gaming, truth of the matter is, phishing among other online hazards, is a fact of life, companies like Blizzard have tried to 'idiot proof' things a bit by introducing authenticators, they can't however, protect other peoples email accounts, in this increasingly internet dependant world we live in, we have to protect ourselves, relying on others to clean up our own messes every 5 minutes is unrealistic, time to become educated in the dangers this environment contains. The information is out there, chances are your place of work even has cbt's on them, i'd be surprised if schools didnt teach this kind of thing also.

I'd be a lot less bothered by the looseness of Blizzard's security if it didn't have a track record of having loose security, dating back to even before WOW was released. The problems it faces are not unique, but most every other company I've ever dealt with online, whether it be a MMO or something else, seems to have reasonably contained the majority of problems that inevitably arise. Blizzard alone has the only one that I have consistently seen these kinds of issues, across multiple games and several different versions of battlenet, continue so long and seemingly unabated; it's like they haven't even bothered to try to even contain them. Now they are trying to tell the consumer it's all their fault, when clearly something needs to be fixed on Blizzard's end as well. Simply telling people to use an authenticator is not actually going to solve the problems inherent somewhere in how Blizzard manages Battlenet and the private information of it's customers, even if it's use will greatly reduce the impact of such problems for those who use them. If they were using the authenticator as part of a larger strategy to rein in the problem, rather than as a stand alone solution that puts the onus entirely on the consumer, it would be a lot easier to accept the position that Blizzard is simply trying to protect the consumers from themselves, since it would be a lot easier to trust that everything was as tight as it could be on their end, something that right now, I simply cannot believe.

Originally posted by sunshadow21
The only part with the authenticators that really bothers is that Blizzard seems to think that the use of them absolves them from having to do anything further on their end. If the authenticators were being used as part of a comprehensive process that actively included both Blizzard and their customers, I would have a lot less of an issue with it; as it is, the one-sidedness of their use just makes Blizzard come across as lazy and unconcerned about the quality of the product and service they are providing in exchange for the money they are getting from their customers. It will be interesting to see how the lawsuit goes; there is definitely some merit to some of it's claims even if it does go off the deep end in certain parts of it.

i'd love to know where you get your information from, do you know someone who works for blizzard and is part of their security team etc, because it sounds exactly like your making it up, though when it gets down to it, i don't think there is any company out there that doesnt take security issues seriously, but assuming that authenticators is all their doing, would be a very large and strange assumption, because all the authenticator is doing is helping you control security issues on your own pc etc. everything else is groundless speculation, and obviously uninformed at that.

Originally posted by sunshadow21

Originally posted by Phry

sometimes wonder if they didnt ought to make  everyone take phishing recognition courses, of course a lot of it is common sense, but how often must blizzard have to deal with this kind of thing, along with other online services etc, i doubt whether its relegated to just online gaming, truth of the matter is, phishing among other online hazards, is a fact of life, companies like Blizzard have tried to 'idiot proof' things a bit by introducing authenticators, they can't however, protect other peoples email accounts, in this increasingly internet dependant world we live in, we have to protect ourselves, relying on others to clean up our own messes every 5 minutes is unrealistic, time to become educated in the dangers this environment contains. The information is out there, chances are your place of work even has cbt's on them, i'd be surprised if schools didnt teach this kind of thing also.

I'd be a lot less bothered by the looseness of Blizzard's security if it didn't have a track record of having loose security, dating back to even before WOW was released. The problems it faces are not unique, but most every other company I've ever dealt with online, whether it be a MMO or something else, seems to have reasonably contained the majority of problems that inevitably arise. Blizzard alone has the only one that I have consistently seen these kinds of issues, across multiple games and several different versions of battlenet, continue so long and seemingly unabated; it's like they haven't even bothered to try to even contain them. Now they are trying to tell the consumer it's all their fault, when clearly something needs to be fixed on Blizzard's end as well. Simply telling people to use an authenticator is not actually going to solve the problems inherent somewhere in how Blizzard manages Battlenet and the private information of it's customers, even if it's use will greatly reduce the impact of such problems for those who use them. If they were using the authenticator as part of a larger strategy to rein in the problem, rather than as a stand alone solution that puts the onus entirely on the consumer, it would be a lot easier to accept the position that Blizzard is simply trying to protect the consumers from themselves, since it would be a lot easier to trust that everything was as tight as it could be on their end, something that right now, I simply cannot believe.

do you have any links to this 'history' of loose security by any chance, other than hearsay that is.. .. thought not.

Originally posted by Phry

i'd love to know where you get your information from, do you know someone who works for blizzard and is part of their security team etc, because it sounds exactly like your making it up, though when it gets down to it, i don't think there is any company out there that doesnt take security issues seriously, but assuming that authenticators is all their doing, would be a very large and strange assumption, because all the authenticator is doing is helping you control security issues on your own pc etc. everything else is groundless speculation, and obviously uninformed at that.

I wish I could believe you when you say that Blizzard takes security seriously, but it has too long of a track record for me to believe it. I have played a lot of games online, and been to a fair number of places around the internet as well, and Blizzard is definitely one of the worst in protecting their customers, both present and past. They are the only ones that I have ever had serious problems with, and even if I thought their games were worth the money I spent on them, I wouldn't buy it because I don't trust their battlenet security even remotely, authenticator or no. It's absurd that they can't take even a little bit of the money they make and at least keep the problem contained (I don't expect them to be able to eradicate it completely; that would be foolish).

Originally posted by Phry

do you have any links to this 'history' of loose security by any chance, other than hearsay that is.. .. thought not.

One, I tried downloading the trial for WOW, directly from them (no other sites, except perhaps this one, which has not given me trouble, were involved), played it for a week, and I'm still getting emails about my account, years later. Never had anything even close happen with anybody else, and I've tried a lot of games out over the years. Two, the problems I encountered with D2 on the on Battlenet the few times I bothered to venture onto it were enough to make me not bother very often. Three, if you genuinely believe that every single customer that has claimed problems with Blizzard brought it on themselves, you are delusional; at some point, there amasses enough circumstancial evidence that it becomes clear that at least some of it has to be valid, and Blizzard is well past that point.

Originally posted by sunshadow21

Originally posted by Phry

do you have any links to this 'history' of loose security by any chance, other than hearsay that is.. .. thought not.

One, I tried downloading the trial for WOW, directly from them (no other sites, except perhaps this one, which has not given me trouble, were involved), played it for a week, and I'm still getting emails about my account, years later. Never had anything even close happen with anybody else, and I've tried a lot of games out over the years. Two, the problems I encountered with D2 on the on Battlenet the few times I bothered to venture onto it were enough to make me not bother very often. Three, if you genuinely believe that every single customer that has claimed problems with Blizzard brought it on themselves, you are delusional; at some point, there amasses enough circumstancial evidence that it becomes clear that at least some of it has to be valid, and Blizzard is well past that point.

it's brought on by hackers.  wether on not battle.net got hacked is one thing.  but most account hacks are from users using the same email and password for everything.  hackers with hack into databases of game forums.  and then proceed to use those emails and passwords to get into peoples gaming accounts.  blizzard has no control over that.  im sure they could have better security but people need to stop pointing fingers.  if your acccount gets hacked it's becuase you weren't smart enough to keep your email and password safe.  by not using the same one everytime.

Originally posted by Kaynos1972
I hope the guy wins. This will send a very good message to other game company. Data security is not something to be taken lightly to force user to buy authenticator, it should be the same level for everyone.

  The authenticator has nothing to do with Blizzards internal security.  Its a fail safe to prevent the USERS END MACHINE from causing a problem.  You see, internal security prevents stuff like hackers and whatnot stealing sensitive information stored on Blizzards servers.  But they can't prevent YOU from getting a keylogger or Trojan during your time on the internet.  People do stupid crap online.  The most Blizzard can do is lock the account if its seen logging in from vastly different locations.  Otherwise, the person "hacking your account" did the same thing you would do.  Used your ID and Password.  They got it from your computer thanks to a keylogger.  Blizzard already DOES freeze accounts that log in from crazy different locations...but THEN you still have people who go on vacation and whine about losing access because they tried to log in from Florida 12 hours after logging in from Texas. 

  The aunthenticator is a system that helps the user from himself.  Even if the keylogger gets your information...it can't get the authenticator.  Without it, they still can't access your account.    But its not fair to think its Blizzards responsibility to provide that to you.  The end user COULD be more careful with their machines.  This is akin to blaming the dealership because you chose to drive the car 89 miles an hour with the e-brake on.  Yes, they are responsible for providing quality, not for your ignorance.  In fact, they should never have even sold the authenticator.  Anyone too stupid to check their system once in awhile probably deserves to have their shit compromised.

Originally posted by sunshadow21
Please note, I am not trying to say that the consumer in entirely off the hook, but I find Blizzard's claim that they are free from any responsibility to be unhelpful and a major turnoff just as much as the other extreme of saying that it's all Blizzard's fault.

 Blizzard never claimed to be free of any responsibility. They claimed they're taking every  precaution consistant with standard industry practices, and more.  More importantly they proactively restore stolen accounts and items which is more than most other companies. Blizzard is a big target with deep pockets. That attracts thieves, ***holes, and lawsuits. 

Originally posted by muffins89

it's brought on by hackers.  wether on not battle.net got hacked is one thing.  but most account hacks are from users using the same email and password for everything.  hackers with hack into databases of game forums.  and then proceed to use those emails and passwords to get into peoples gaming accounts.  blizzard has no control over that.  im sure they could have better security but people need to stop pointing fingers.  if your acccount gets hacked it's becuase you weren't smart enough to keep your email and password safe.  by not using the same one everytime.

Two problems with that.

First, I played WOW one week, never shared the login info with anyone or any other account, and someone still got a hold of it. And, again, Blizzard is the only company that happened with, despite me not doing anything particularly different with them than I did with any of the other companies whose games I tried, or for that matter, anywhere else I've ever been on the internet as a whole.

Second, I find the claim that Blizzard has no control over it to be pure BS. They cannot stomp it out completely, but they could do more to at least keep the problems contained, and track down and limit most of the repeat offenders. A lot of the reason they have the problems they do is that hackers can be pretty certain that Blizzard won't do anything in retaliation, certainly nothing that would stop them from trying again, and the affected customers can't do anything either. It is as much the fac t that Blizzard does nothing to combat the perception of a problem that causes them major difficulties. Less people would be wiling to try if they thought Blizzard actually cared, which right now, most people who aren't Blizzard fanboys would not likely believe.

As for pointing fingers, trying to blame it entirely on the consumer, which you did right after the admonishment to stop pointing fingers, is as useless as saying it's all Blizzard's fault, and that seem to be their strategy with everything I've seen with the authenticators. Like or not, until Blizzard steps up, and actively, openly engages these hackers, they will continue to have problems that most companies have found ways to contain.

Originally posted by zymurgeist

 Blizzard never claimed to be free of any responsibility. They claimed they're taking every  precaution consistant with standard industry practices, and more.  More importantly they proactively restore stolen accounts and items which is more than most other companies. Blizzard is a big target with deep pockets. That attracts thieves, ***holes, and lawsuits. 

Except they don't actually resolve the root problems, and they don't even meet standard industry practices. In a thread while back, their supporters even admitted that battlenet passwords didnt even have case sensitivity; if they can't even be bothered to implement something as basic as that, they are not meeting standard industry practices. Restoring stolen accounts doesn't do anything to deter the hackers; if anything, it encourages them by making it clear they really don't care what caused the problem, and that they have no intention of finding out the real problem, because that would likely require them to spend some of the vast amounts of money the games bring in. The big pockets argument falls apart when you realize that they had these problems back when they first released the original battlenet, and they were still trying to get the name recognition.

Originally posted by Kaerigan

Originally posted by Xiaoki

The Authenticator it to try and "fix stupid". 9 times out of 10 when someone gets hacked it is because they went to a bad website. But people never want to admit they clicked on a shady link in an e-mail or went to a bad website.

And then there are people like me. I've got separate passwords for my Battle.net account and the email it is tied to. My account got locked for "suspicious activity". I changed both passwords and even bought a new computer (not because of that incident, of course, it was just time to upgrade). Now my account is locked again. And NO, I have honestly not attempted logging on to any totallylegitbattlenetfreegold.com or something retarded like that. I haven't shared my passwords with ANYONE.

This is the only one of my hundreds of accounts on various websites that has been compromised.

It's not like I have any proof but sometimes I wonder what the fuck Blizzard is up to.

Stop talking common sense with the Blizzard fanbois.  They will ever accept that something very fishy is going on with battle net now matter what happens.  They love to blame the players or the fact that WoW has some many players which is a factor, but they'll never believe that blizzard is doing anything fishy in an attempt to make more profit.  They could even have a news conference and admit it and the fanbois would have some excuse to not believe them.  Nothing should ever be outside the realm of possibility when it comes to a company and extra profit.

Originally posted by Latronus

Stop talking common sense with the Blizzard fanbois.  They will ever accept that something very fishy is going on with battle net now matter what happens.  They love to blame the players or the fact that WoW has some many players which is a factor, but they'll never believe that blizzard is doing anything fishy in an attempt to make more profit.  They could even have a news conference and admit it and the fanbois would have some excuse to not believe them.  Nothing should ever be outside the realm of possibility when it comes to a company and extra profit.

At this point, I think I might prefer the thought of them doing something fishy over the thought that is actually in my head, which is that they aren't doing anything at all. I don't believe they are actively trying to hurt their customer base, I just think they don't care about resolving the root problems when they can simply have some minimum wage slop in a call center press a button and resolve the immediate problem. Sure, it costs them money to run the call center and pay the warm body pushing the button, but it's still far cheaper than actaully addressing the real problem.

Originally posted by sunshadow21

Originally posted by muffins89

it's brought on by hackers.  wether on not battle.net got hacked is one thing.  but most account hacks are from users using the same email and password for everything.  hackers with hack into databases of game forums.  and then proceed to use those emails and passwords to get into peoples gaming accounts.  blizzard has no control over that.  im sure they could have better security but people need to stop pointing fingers.  if your acccount gets hacked it's becuase you weren't smart enough to keep your email and password safe.  by not using the same one everytime.

*SNIP*

they aren't blaming the consumers.  they are doing there part and the consumers need to take responsibility and do their part.

Originally posted by Latronus

Originally posted by Kaerigan

Originally posted by Xiaoki

The Authenticator it to try and "fix stupid". 9 times out of 10 when someone gets hacked it is because they went to a bad website. But people never want to admit they clicked on a shady link in an e-mail or went to a bad website.

And then there are people like me. I've got separate passwords for my Battle.net account and the email it is tied to. My account got locked for "suspicious activity". I changed both passwords and even bought a new computer (not because of that incident, of course, it was just time to upgrade). Now my account is locked again. And NO, I have honestly not attempted logging on to any totallylegitbattlenetfreegold.com or something retarded like that. I haven't shared my passwords with ANYONE.

This is the only one of my hundreds of accounts on various websites that has been compromised.

It's not like I have any proof but sometimes I wonder what the fuck Blizzard is up to.

Stop talking common sense with the Blizzard fanbois.  They will ever accept that something very fishy is going on with battle net now matter what happens.  They love to blame the players or the fact that WoW has some many players which is a factor, but they'll never believe that blizzard is doing anything fishy in an attempt to make more profit.  They could even have a news conference and admit it and the fanbois would have some excuse to not believe them.  Nothing should ever be outside the realm of possibility when it comes to a company and extra profit.

I agree. If someone posts that they've been hacked, that they use the authenticator, that they use a unique PW and email address for their account, that they never click on email links or go to dodgy websites the first reply on the forums will be something like... "Yeah. But do you talk in your sleep?"

Geez. There're gonna win too. I knew I was getting duped when I bought mine.

I hope people stop blaming the victim so quickly when they say "I got hacked."

Originally posted by Kaerigan

Originally posted by Xiaoki

The Authenticator it to try and "fix stupid". 9 times out of 10 when someone gets hacked it is because they went to a bad website. But people never want to admit they clicked on a shady link in an e-mail or went to a bad website.

And then there are people like me. I've got separate passwords for my Battle.net account and the email it is tied to. My account got locked for "suspicious activity". I changed both passwords and even bought a new computer (not because of that incident, of course, it was just time to upgrade). Now my account is locked again. And NO, I have honestly not attempted logging on to any totallylegitbattlenetfreegold.com or something retarded like that. I haven't shared my passwords with ANYONE.

This is the only one of my hundreds of accounts on various websites that has been compromised.

It's not like I have any proof but sometimes I wonder what the fuck Blizzard is up to.

Could also be that blizzard system detected changes in your IP range and when that happen they lock the account as a safty measure. Have a friend who travel a lot and he have to go through that process once a day when he is no the road. He get the same message "locked due to suspicious acitvity"