Really, Blizzard? Seriously. Again.
Sigh.
Time to make sure security's up to date.
Seems to be US servers only from the details but seriously you would think blizz would have its shit together by now...
Can't buy Ferraris if you sink money into security and other irrelevances.
So how secure is this SRP thing really? Is it realistically possible to brute force passwords if one has a list of them?
What can you tell us about the scrambled passwords that were accessed?
Cryptographically scrambled versions of passwords for North American players were accessed, protected by Secure Remote Password (SRP) protocol. This information alone doesn't give unauthorized users the actual passwords -- each password would need to be deciphered individually. The added layer of protection from SRP makes that process computationally very difficult and expensive.
First time for Blizzard during the time I have played WoW, like three years. Don't know about earlier. Hmm I am EU, but wonder if beta account passwords were stored in US servers.
Last edited by sahtila; August 10 2012 at 01:04:10 AM.
People are all like "seriously battle.net gets hacked again" but this is the first time I remember Blizzard actually making a statement that data has been compromised.
But eh, by the time the passwords have been deciphered everyone with half a brain will have changed their password anyway. And no credit card info or w/e was stolen so I wouldn't lose any sleep over this.
I don't even give a fuck, if they want to reactivate my WoW account for free then good for them. Last time that happened I got a free month of playtime and 40 stacks of saronite bars in the middle of WOTLK.
ok lol. will just change pw and switch from keychain auth to phone auth.
meh.
Apparently someone has stolen my D3 TRIAL account now as well. I wonder what the heck they need that for?
Almost as weird as when someone apparently hacked my dusty old WoW account some 3 years after I had quit playing.
A friend told me she'd seen me online but I didn't respond to chat.
An account that hadn't been paid for or updated with a proper battle.net account or anything. Someone saw fit to hack THAT and apparently sink money into it to... iduno... sell off my dragonstalker armour or something?
What do the hackers do with these accounts anyway? Have some Asian guy powerlevel characters to 80 and ebay them?
Marder II, IS, PzKpfw III, AMX 40, PzKpfw III/IV, IS-3
It's mostly 12-year-olds with their mom's credit card who buy WoW characters.
SRP is quite boss when it comes to being secure. SSL is based on it if I'm not mistaken.
http://en.wikipedia.org/wiki/Secure_...sword_protocol
http://srp.stanford.edu/whatisit.html
In practice, if the attacker has the server's verifiers, he can do standard dictionary/brute force attacks against passwords. So better change yours, especially if it's a weak one.
Last edited by omeg; August 10 2012 at 12:07:57 PM.
Vulnerant omnes, ultima necat.
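The point in the post above, as an added example that is not part of the thread and is not Blizzard's code: an SRP verifier is a deterministic function of salt, username and password, so whoever holds the stored table can test candidate passwords offline, one account at a time. It assumes the RFC 5054 SRP-6a format (SHA-1, 1024-bit group), since the thread does not state Blizzard's parameters; `audit_weak`, `SAMPLE_DB` and `WORDLIST` are hypothetical names, and the table is constructed sample data.

```python
import hashlib

# Assumption: RFC 5054 1024-bit group with SHA-1 (SRP-6a verifier format).
# The parameters Blizzard actually used are not stated in this thread.
N = int(
    "EEAF0AB9ADB38DD69C33F80AFA8FC5E86072618775FF3C0B9EA2314C9C256576"
    "D674DF7496EA81D3383B4813D692C6E0E0D5D8E250B98BE48E495C1D6089DAD1"
    "5DC7D7B46154D6B6CE8EF4AD69B15D4982559B297BCF1885C529F566660E57EC"
    "68EDBC3C05726CC02FD4CBF4976EAA9AFD5138FE8376435B9FC61D2FC0EB06E3",
    16,
)
G = 2

def srp_x(salt, user, password):
    # x = H(salt | H(user ":" password)); the password is the only secret input
    inner = hashlib.sha1(f"{user}:{password}".encode()).digest()
    return int.from_bytes(hashlib.sha1(salt + inner).digest(), "big")

def srp_verifier(salt, user, password):
    # v = g^x mod N; the server stores v next to the salt, never the password
    return pow(G, srp_x(salt, user, password), N)

def audit_weak(verifier_db, wordlist):
    """Return users whose stored verifier is reproduced by a wordlist entry."""
    weak = []
    for user, (salt, v) in verifier_db.items():
        # One hash pair and one modular exponentiation per candidate, per user:
        # the salt and username force the work to be redone for every account.
        if any(srp_verifier(salt, user, w) == v for w in wordlist):
            weak.append(user)
    return sorted(weak)

# Constructed sample table: (salt, verifier) per user, as a server would store it.
ALICE_SALT = bytes.fromhex("BEB25379D1A8581EB5A727673A2441EE")  # RFC 5054 test salt
BOB_SALT, CAROL_SALT = b"\x01" * 16, b"\x02" * 16
SAMPLE_DB = {
    "alice": (ALICE_SALT, srp_verifier(ALICE_SALT, "alice", "password123")),
    "bob": (BOB_SALT, srp_verifier(BOB_SALT, "bob", "password123")),
    "carol": (CAROL_SALT, srp_verifier(CAROL_SALT, "carol", "vR8#qLm2-Tz7!kWp4xNc")),
}
WORDLIST = ["123456", "letmein", "password123", "dragonstalker"]

if __name__ == "__main__":
    print("same password, different verifiers:",
          SAMPLE_DB["alice"][1] != SAMPLE_DB["bob"][1])
    print("accounts with guessable passwords:", audit_weak(SAMPLE_DB, WORDLIST))
```

Alice and Bob share a password yet have unrelated verifiers, which is why each account has to be worked on individually; both are still flagged because the password is on the wordlist, while Carol's long random password is not.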
Changed passwords.
Now I am completely out of password formats that I have any hope of remembering so today is also the day I start storing my passwords on a bit of paper in my top drawer. Fuck I hate passwords.
this may assist you
No. A Rhinoceros is not a fat Unicorn.