Sorry for the empty post, I entered my details and thought it would just log me in
Again, the only way to safeguard your personal details from theft is not to provide it. Game companies would do the industry a service if as a matter of POLICY declined to collect sensitive information that could be lost. For the product I'm working on, I only require a valid email, a password of course, and some security questions. Accounts are activated with a game time code which is purchased separately using PayPal. As a security mechanism, the service also keeps track of the last 10 IP addresses logged in from, and logs a unique but random key I create and store in the registry of each machine. That way I can see which accounts used the same machine without invoking any private information actually owned by the user. Anyway, the point is this : the game company doesn't NEED to know your real name or anything else about you. It also absolves my company of liability. Your responsibility is to safeguard your own account details. If for any reason I need to communicate with the customer, I can always email them.
Sorry, I think you misunderstood me, or I was not clear enough. I know very well what a DDOS attack is and how it works. Let me try and be more clear. What I meant was if you were going to hack into a database for the purposes of stealing information, then you would not also draw attention to yourself by using a DDOS to bring down their website or other services temporarily. You would silently slip away with the loot and make as much money off it as possible.
I am not entirely convinced the people who DDOSed SOE are the same ones who broke into the databases. I've read an article on the BBC contradicting you here in the sense that the SOE attack was not a common Anon or Lulz sort of attack. They usually admit to only DDOS attacks. The breaking into the database incident is not what Anon is usually on about, unless they've changed their tactics and in fact want to go against what they are proporting to doing: insuring internet openness and neutrality. If so, their plans will backfire.
Did they try to sell the information anyway? Perhaps someone did. But I doubt that was their primary motivation for attacking the company in the first place, since their behaviour seems to suggest otherwise. And I also doubt that the stolen information will result in much harm due to it being so widely publicized, people had ample time to change passwords and otherwise protect themselves.
That's where I disagree with you. I think the DDOS people were evidently in it to throw egg on SOE's face. The people who hacked into the database are probably not the same group and probably did it for financial gain. Again, there is no other reason to have broken into any game companies' databases and stolen players' information. That's holding the customers up to ransom basically and whatever did we do to Anon or Luz? They could have just broken in and said that they managed it. Right? That is how hackers exposing security flaws have done it in the past at any rate.
Will people possibly be targeted by more spam or phishing attempts? Again, possibly. BUT none of this is anything different from what was commonly happening for the last decade in any case.
The only game company's player databases I suspect got hacked and hasn't published anything about it is Blizzard. I emphasize the possibly part. I never ever saw strange ads or spams/scams come into my email box for any other game. I find it interesting that I started receiving supposed Blizzard spam emails, WoW phising emails. I also sometimes visit sites that show me WoW-oriented ads through google advertizing. Interesting, eh?
The internet will only get regulated in countries where their governments overreact to this particular, widely publicized, slew of hacks. The correct response for them would be to focus more on internet security and security policies, instead of looking for ways to take away people's liberties in order to protect them.
You say that but yet lots of laws passed in the US that govern the use of the communications affect us Europeans too. I agree with you about the liberties part, but that's the easy part to limit and that is most likely what will be limited in the long run.
It helps when you dont have any social site no smartphone and dont do anything through banking or financial on the net.
After 13 years without a breake ive manage that you can only find one result under my name ive achieved in chess in 2001 but thats very limited and not realy importend no info but only my name.
I never used any security program to make my pc safe and im never hacked i have had some minor virus couple of times but no big deal i just reformat if its troublesome.
Its all so simple but most only learn hardway. We dont live in fairytale world people so why you still put your whole life on net is beyond me. Like google with gmail lol and after while they wonder how it comes they know so much about you hahaha.
I predict in few years time many become slaves of these companys or limited in there freedom becouse they have leave a trail of info about there whole life on net , photos creditscard info personal info and where you live many already have so much personal info on net thats even SCARY, not to mention risk of criminals who get possesion of your personal life.
You alone can only protect your own privacy and you alone remember that.
The only game company's player databases I suspect got hacked and hasn't published anything about it is Blizzard. I emphasize the possibly part. I never ever saw strange ads or spams/scams come into my email box for any other game. I find it interesting that I started receiving supposed Blizzard spam emails, WoW phising emails. I also sometimes visit sites that show me WoW-oriented ads through google advertizing. Interesting, eh?
The internet will only get regulated in countries where their governments overreact to this particular, widely publicized, slew of hacks. The correct response for them would be to focus more on internet security and security policies, instead of looking for ways to take away people's liberties in order to protect them.
You say that but yet lots of laws passed in the US that govern the use of the communications affect us Europeans too. I agree with you about the liberties part, but that's the easy part to limit and that is most likely what will be limited in the long run.
Originally posted by MurlockDance
That's where I disagree with you. I think the DDOS people were evidently in it to throw egg on SOE's face. The people who hacked into the database are probably not the same group and probably did it for financial gain. Again, there is no other reason to have broken into any game companies' databases and stolen players' information. That's holding the customers up to ransom basically and whatever did we do to Anon or Luz? They could have just broken in and said that they managed it. Right? That is how hackers exposing security flaws have done it in the past at any rate.
I do concede that if it was different groups that perpetrated the theft and the DDOS, then it would stand to reason that the information thieves had far more nefarious intent and sold the data to the highest bidder. But if that was the case, then I don't understand why people are being so viciously militant about Lulz and Anon, calling for blood and such, when they are clearly no more than vandals / anti-establishment types.
The only game company's player databases I suspect got hacked and hasn't published anything about it is Blizzard. I emphasize the possibly part. I never ever saw strange ads or spams/scams come into my email box for any other game. I find it interesting that I started receiving supposed Blizzard spam emails, WoW phising emails. I also sometimes visit sites that show me WoW-oriented ads through google advertizing. Interesting, eh?
I know what you mean. I also get those Blizzard spam emails since signing up on Battlenet some years ago, for a trial no less. But my statements regarding database compromises, information theft and network security were meant in a broader sense than just games companies. Surely we don't hold them to a different yard stick when it comes to security. With my original statement, I simply meant that the year is 2011. Phishing emails have been around for some time now. And hopefully the public have educated themselves somewhat on the dangers of using the internet - by now.
But I've detected far more panic in the posts on this site and others regarding this recent spate of information theft than should be warranted.
Wow apologies for the spacing in that post. It seems they have changed the way that paragraphing works again. They already had a very idiosyncratic way of putting in paragraphs and now its just putting line breaks in wherever the hell it pleases. Someone should explain to their web dev the concept of WYSIWYG.
Selfish little internet e-peen pricks is what these guys are. We've seen them in dozens of FPS matches wtfpwning us by the masses before they get server kicked. It's as simple as using their knowledge or talent for good or evil. Okay, so now they've done it, now get the hell out there and do something with the knowledge. Teach the corporate infrastructure how to protect. Don't thumb your nose at them. Maybe then you could actually get paid some real cash *and* people would actually know who you are and not think you were a complete ass-hat. Not to mention the possible stints in prison...
The internet will only get regulated in countries where their governments overreact to this particular, widely publicized, slew of hacks. The correct response for them would be to focus more on internet security and security policies, instead of looking for ways to take away people's liberties in order to protect them.
I do hope you're right! The internet is up for grabs right now by greedy corporations and governments that are supported by them. The decisions the US makes could affect the entire world, since they have most of the TCP/IPs. Sigh.
I do concede that if it was different groups that perpetrated the theft and the DDOS, then it would stand to reason that the information thieves had far more nefarious intent and sold the data to the highest bidder. But if that was the case, then I don't understand why people are being so viciously militant about Lulz and Anon, calling for blood and such, when they are clearly no more than vandals / anti-establishment types.
The interesting thing is that the DDOS was widely publicized, the break-in of the database and subsequent theft of peoples' details was not. That's why I think they were done by two different groups. Are the hackers safe themselves? I proposed a hypothesis weeks ago that they were in fact infiltrated by criminals who hoped to gain from their DDOS attack. I actually applauded Anon for taking down bank companies who freezed assets to Wikileaks. I thought that what Wikileaks was doing was good because I think it's good to have a counterbalance to the mighty and powerful. But people who use SOE's services are not generally the mighty and powerful. We're just wanting some entertainment and stealing our details and then publishing some of them on the internet hurts us, not SOE.... even if we left SOE in droves, the information is still there.
But I've detected far more panic in the posts on this site and others regarding this recent spate of information theft than should be warranted.
I completely agree with you here. People do seem to have a panic response to this. I also agree with something you said earlier, that banks and the like are hacked all of the time. Unfortunately, a lot of banks are pushing their internet services on their customers nowadays because they want to close branches down and save money. I am opposed to this because of the internet security issues at stake.
By the way, according to the BBC again, Lulz has disbanded. There was a link to an interesting article on the Sun. All the while not the most reliable newspaper, they discussed the arrest of a supposed Lulz member.
"There’s one thing I’m worried all this hacking will be used for though: more arbitrary Internet laws. How long will it be before someone in Washington uses Lulzsec as a scapegoat for locking down the web tighter and tighter?"
This whole thing has had the inkling of a virtual burning of the Reichstag, it would be the perfect excuse for more draconian Internet legislation and tougher cross border cybercrime laws.
Who is to say these hackers haven't been completely manipulated by third parties, and not necessarily governments either organisations like the MPAA would have a vested interest in tougher laws. Its not like its unfeasible either, there is software that can allow a single person to manage thousands of complete personal identities.
One person could be stirring up hacker groups with a fake collective of seemingly like minded people.
Currently playing:
EVE online (Ruining low sec one hotdrop at a time)
Gravity Rush, Dishonoured: The Knife of Dunwall.
(Waiting for) Metro: Last Light, Company of Heroes II.
Comments
Sorry for the empty post, I entered my details and thought it would just log me in
Again, the only way to safeguard your personal details from theft is not to provide it. Game companies would do the industry a service if as a matter of POLICY declined to collect sensitive information that could be lost. For the product I'm working on, I only require a valid email, a password of course, and some security questions. Accounts are activated with a game time code which is purchased separately using PayPal. As a security mechanism, the service also keeps track of the last 10 IP addresses logged in from, and logs a unique but random key I create and store in the registry of each machine. That way I can see which accounts used the same machine without invoking any private information actually owned by the user. Anyway, the point is this : the game company doesn't NEED to know your real name or anything else about you. It also absolves my company of liability. Your responsibility is to safeguard your own account details. If for any reason I need to communicate with the customer, I can always email them.
Playing MUDs and MMOs since 1994.
It helps when you dont have any social site no smartphone and dont do anything through banking or financial on the net.
After 13 years without a breake ive manage that you can only find one result under my name ive achieved in chess in 2001 but thats very limited and not realy importend no info but only my name.
I never used any security program to make my pc safe and im never hacked i have had some minor virus couple of times but no big deal i just reformat if its troublesome.
Its all so simple but most only learn hardway. We dont live in fairytale world people so why you still put your whole life on net is beyond me. Like google with gmail lol and after while they wonder how it comes they know so much about you hahaha.
I predict in few years time many become slaves of these companys or limited in there freedom becouse they have leave a trail of info about there whole life on net , photos creditscard info personal info and where you live many already have so much personal info on net thats even SCARY, not to mention risk of criminals who get possesion of your personal life.
You alone can only protect your own privacy and you alone remember that.
Originally posted by MurlockDance
I do concede that if it was different groups that perpetrated the theft and the DDOS, then it would stand to reason that the information thieves had far more nefarious intent and sold the data to the highest bidder. But if that was the case, then I don't understand why people are being so viciously militant about Lulz and Anon, calling for blood and such, when they are clearly no more than vandals / anti-establishment types.
I know what you mean. I also get those Blizzard spam emails since signing up on Battlenet some years ago, for a trial no less. But my statements regarding database compromises, information theft and network security were meant in a broader sense than just games companies. Surely we don't hold them to a different yard stick when it comes to security. With my original statement, I simply meant that the year is 2011. Phishing emails have been around for some time now. And hopefully the public have educated themselves somewhat on the dangers of using the internet - by now.
But I've detected far more panic in the posts on this site and others regarding this recent spate of information theft than should be warranted.
Wow apologies for the spacing in that post. It seems they have changed the way that paragraphing works again. They already had a very idiosyncratic way of putting in paragraphs and now its just putting line breaks in wherever the hell it pleases. Someone should explain to their web dev the concept of WYSIWYG.
Selfish little internet e-peen pricks is what these guys are. We've seen them in dozens of FPS matches wtfpwning us by the masses before they get server kicked. It's as simple as using their knowledge or talent for good or evil. Okay, so now they've done it, now get the hell out there and do something with the knowledge. Teach the corporate infrastructure how to protect. Don't thumb your nose at them. Maybe then you could actually get paid some real cash *and* people would actually know who you are and not think you were a complete ass-hat. Not to mention the possible stints in prison...
By the way, according to the BBC again, Lulz has disbanded. There was a link to an interesting article on the Sun. All the while not the most reliable newspaper, they discussed the arrest of a supposed Lulz member.
Playing MUDs and MMOs since 1994.
"There’s one thing I’m worried all this hacking will be used for though: more arbitrary Internet laws. How long will it be before someone in Washington uses Lulzsec as a scapegoat for locking down the web tighter and tighter?"
This whole thing has had the inkling of a virtual burning of the Reichstag, it would be the perfect excuse for more draconian Internet legislation and tougher cross border cybercrime laws.
Who is to say these hackers haven't been completely manipulated by third parties, and not necessarily governments either organisations like the MPAA would have a vested interest in tougher laws. Its not like its unfeasible either, there is software that can allow a single person to manage thousands of complete personal identities.
One person could be stirring up hacker groups with a fake collective of seemingly like minded people.
Currently playing:
EVE online (Ruining low sec one hotdrop at a time)
Gravity Rush,
Dishonoured: The Knife of Dunwall.
(Waiting for) Metro: Last Light,
Company of Heroes II.
Directly relevant to your article; this guy gets it:
Internet Hacking, the New Age of the Horse Thief http://t.co/PnBu893
Wherever you go, there you are.