With the huge security holes that they have with their autentication system its going to be hard to keep anybody. There seams to be an individual, or group of individuals who are working at exposing these holes. There was a post about this one guy saying it was able to brute force his way in after the coin lock. That post was removed from trions site. It would seam that this person or persons who posted that are out to get trion. I have to wonder how many more holes they have in there autentication system.
All I can say is you must bring in more new blood to replace the old blood leaving, and right now I don't think that is happening. I seen several folks come back to eq2, and all of them saying they were hacked and suffered and are not going back.
Everything about the security issue is summed up here.
Hi, everyone -- I wanted to get an update out for the weekend after the last day of excitement around here.
On last night's fix -- I'm very happy to confirm that we did fix a login vulnerability, with significant assistance from an extremely clever user.
The root cause was a very subtle bug in error checking of our login validations deep in the server code. No personal information or any such was leaked out, and no outside attacker penetrated our servers, networks, or databases.
We'd definitely like to thank Mr. ManWitDaPlan for the well-timed assist. Sir, we salute you and offer our most heartfelt thanks.
The rest of what I'd like to add isn't to detract from the above well-deserved compliment, but it's important to include in the comprehensive picture.
The sobering fact is that account security remains a multifaceted issue, as attacks from other sources continue.
It's important to remember is that while a hole was identified and fixed as rapidly as we possibly could, there are still hackers and botnets trying account/password combinations from compromised web sites and past MMOs.
They are doing this right now. Those attacks have been coming constantly since we launched the game. The only thing that changes are how many hundreds of computers are trying to get into your account at any given moment, where they're coming from, and how many are succeeding.
We do block them as they are detected, but the fact that they are using distributed botnets (compromised computers from across the globe) means that this will remain something that we will continue keeping an eye on, forever.
For users getting hacked this way, Coin Lock is currently doing its job protecting people's belongings, provided that your RIFT password and EMail password are both complex and entirely different.
Both the login fix and the Coin Lock addition have been doing their part in signficantly reducing overall incidents over the last 18 hours.
Neither one is a silver bullet, but so far it is looking to be a solid one-two punch for the weekend.
Then, with two-factor authentication coming very soon, we expect security to be improved even further.
All totalled up, under 1% of accounts with characters have had characters impacted. However, 1% of a surprisingly large number is still very noticeable.
Our staff has been, and will continue to be, working around the clock to get those impacted back in shape. We'll continue hiring on even more people to help people with issues of all kinds, as quickly as we can. (Another round of hires begin on Monday, and there will be even more to follow.)
As always, thanks very much for your time, your attention, your assistance, and your patience!
- Scott Hartsman
Exec Producer, RIFT
Reply With Quote
Yesterday 08:05 PM
There is NO miracle patch.
95% of what you see in beta won't change by launch.
Hope is not a stategy. ______________________________ "This kind of topic is like one of those little cartoon boxes held up by a stick on a string, with a piece of meat under it. In other words, bait."
1% of accounts were hacked?? That seems high this early in the process. Goldfarmers aren´t even really trying yet since there aren´t a lot of high level buyers yet.
Trion has also shot themselves in the foot with subscriber numbers and box sales. They published that bogus 1 million number which was meant to trick óutsiders´. Now it is basically impossible for them to release a real number, because then they would be force to admit that first number was deceptive. Even if they sold 900k clients, which is probably very generious, they would still have people asking.. ´um.. what happened to the other 100k ´.
I believe 600k clients sold is about right. But I doubt they will keep half of them past 2 months. The last two weeks havve not been very good for PR. Lots of comments about people already bored with rifts, about how bad pvp is unbalanced, and about the hacking stuff going on. You also don´t see a lot of positive posts about the longevity of endgame. It is decent, but considering players are just starting to experience it, you would expect a lot more excitement about it. The lack of excitment now means in a few weeks, people will be very bored.
1% of accounts were hacked?? That seems high this early in the process. Goldfarmers aren´t even really trying yet since there aren´t a lot of high level buyers yet.
Trion has also shot themselves in the foot with subscriber numbers and box sales. They published that bogus 1 million number which was meant to trick óutsiders´. Now it is basically impossible for them to release a real number, because then they would be force to admit that first number was deceptive. Even if they sold 900k clients, which is probably very generious, they would still have people asking.. ´um.. what happened to the other 100k ´.
I believe 600k clients sold is about right. But I doubt they will keep half of them past 2 months. The last two weeks havve not been very good for PR. Lots of comments about people already bored with rifts, about how bad pvp is unbalanced, and about the hacking stuff going on. You also don´t see a lot of positive posts about the longevity of endgame. It is decent, but considering players are just starting to experience it, you would expect a lot more excitement about it. The lack of excitment now means in a few weeks, people will be very bored.
WoW recycled ZG and ZA does that equal good press? Trions responds to hackers and pretty much fixes it in less then 3 weeks when it took Blizzard seven years. They fixed a new exploit in less then 2 hours.
wow vgchartz bullshit spamm again, i remember having this crap with sc2 and wow cata, where people claimed it sold like utter crap, when it beat records on first day, andsole more on first day alone, than vgchartz still shows
why? cuz those doesnt include digital sales, which is probably 80% of sales for all those 3 games
vgchartz were never accurate with pc sales , most of the time it have no data,
it takes data from retailers, do you know how many retailers there are in the world.. many, anyone who uses vgchartz or believe in them is complete m.ron nothing else.. get a clue really
Comments
Everything about the security issue is summed up here.
http://forums.riftgame.com/showthread.php?131497-Weekend-Security-Update
Weekend Security Update
Hi, everyone -- I wanted to get an update out for the weekend after the last day of excitement around here.
On last night's fix -- I'm very happy to confirm that we did fix a login vulnerability, with significant assistance from an extremely clever user.
The root cause was a very subtle bug in error checking of our login validations deep in the server code. No personal information or any such was leaked out, and no outside attacker penetrated our servers, networks, or databases.
We'd definitely like to thank Mr. ManWitDaPlan for the well-timed assist. Sir, we salute you and offer our most heartfelt thanks.
The rest of what I'd like to add isn't to detract from the above well-deserved compliment, but it's important to include in the comprehensive picture.
The sobering fact is that account security remains a multifaceted issue, as attacks from other sources continue.
It's important to remember is that while a hole was identified and fixed as rapidly as we possibly could, there are still hackers and botnets trying account/password combinations from compromised web sites and past MMOs.
They are doing this right now. Those attacks have been coming constantly since we launched the game. The only thing that changes are how many hundreds of computers are trying to get into your account at any given moment, where they're coming from, and how many are succeeding.
We do block them as they are detected, but the fact that they are using distributed botnets (compromised computers from across the globe) means that this will remain something that we will continue keeping an eye on, forever.
For users getting hacked this way, Coin Lock is currently doing its job protecting people's belongings, provided that your RIFT password and EMail password are both complex and entirely different.
Both the login fix and the Coin Lock addition have been doing their part in signficantly reducing overall incidents over the last 18 hours.
Neither one is a silver bullet, but so far it is looking to be a solid one-two punch for the weekend.
Then, with two-factor authentication coming very soon, we expect security to be improved even further.
All totalled up, under 1% of accounts with characters have had characters impacted. However, 1% of a surprisingly large number is still very noticeable.
Our staff has been, and will continue to be, working around the clock to get those impacted back in shape. We'll continue hiring on even more people to help people with issues of all kinds, as quickly as we can. (Another round of hires begin on Monday, and there will be even more to follow.)
As always, thanks very much for your time, your attention, your assistance, and your patience!
- Scott Hartsman
Exec Producer, RIFT
Reply With Quote
Yesterday 08:05 PM
There is NO miracle patch.
95% of what you see in beta won't change by launch.
Hope is not a stategy.
______________________________
"This kind of topic is like one of those little cartoon boxes held up by a stick on a string, with a piece of meat under it. In other words, bait."
1% of accounts were hacked?? That seems high this early in the process. Goldfarmers aren´t even really trying yet since there aren´t a lot of high level buyers yet.
Trion has also shot themselves in the foot with subscriber numbers and box sales. They published that bogus 1 million number which was meant to trick óutsiders´. Now it is basically impossible for them to release a real number, because then they would be force to admit that first number was deceptive. Even if they sold 900k clients, which is probably very generious, they would still have people asking.. ´um.. what happened to the other 100k ´.
I believe 600k clients sold is about right. But I doubt they will keep half of them past 2 months. The last two weeks havve not been very good for PR. Lots of comments about people already bored with rifts, about how bad pvp is unbalanced, and about the hacking stuff going on. You also don´t see a lot of positive posts about the longevity of endgame. It is decent, but considering players are just starting to experience it, you would expect a lot more excitement about it. The lack of excitment now means in a few weeks, people will be very bored.
WoW recycled ZG and ZA does that equal good press? Trions responds to hackers and pretty much fixes it in less then 3 weeks when it took Blizzard seven years. They fixed a new exploit in less then 2 hours.
Yeah bad press...........
wow vgchartz bullshit spamm again, i remember having this crap with sc2 and wow cata, where people claimed it sold like utter crap, when it beat records on first day, andsole more on first day alone, than vgchartz still shows
why? cuz those doesnt include digital sales, which is probably 80% of sales for all those 3 games
vgchartz were never accurate with pc sales , most of the time it have no data,
it takes data from retailers, do you know how many retailers there are in the world.. many, anyone who uses vgchartz or believe in them is complete m.ron nothing else.. get a clue really
I am impressed , they did fix it quickly , expected it would take a week of argueing for them to fix it .
But shows why they are the promising upstarts ....
Now lets see when there steampunk game is coming ^_^ they sold me another copy already .