Curse

Shasgaliel · Dec 11, 2009, 03:06 PM // 15:06

I really hope they will address this issue seriously. Too many people I knew and played with left the game as a result of account hacks. I like the options JR put in the poll.

Fril Estelin · Dec 11, 2009, 03:27 PM // 15:27

I'd like to give a quick technical insight into the proposed solutions (which can also be gauged from the viewpoint of the players ofc, but it's not rare to find misguided security opinions):

1) Static IP/MAC/HW checking

Quite tricky as I suspect many people do like me, and use various accounts from the same IP and various computers anyway, thus making it more difficult to create a clean and simple to understand policy. Some people log in from other countries, e.g. via VPN, banning Asian IP from USA-/EU-tagged accounts may lead to more support problems than what NCsoft can afford for GW1.

2) Strong password policy

A good one anyway, BUT (and this is a MAJOR but) it needs to go hand in hand with good explanations (of why a password is not good AND what a good password is). A good password policy must start from the fact that passwords are tradeoffs between "difficulty to guess/crack" and "how easy it is to remember it", and thus a universal policy is not easy to impose to customers (Microsoft knows that fully well).

3) SecurID authentication option

Very likely to be difficult to manage on such a small-scale company. What looks (and is) fantastic to the customer in fact requires heavy resources behind the scene (both additional servers, modify software, but also new staff and staff training) which can only be recouped either on a WoW-scale or on the long term (if management made the bold decision to go that way).

4) "NO DELETE/SALVAGE/TRADE" option on characters/items

Good but prolly quite complex/costly to implement in the cluttered and outdated GW1 software. Plus it would take resources from the current Live Team projects, slowing them down more. (this actually applies to all proposals!) And potentially generate a lot of support tickets from people who change their mind or who've made a mistake (happens a lot!). And it'd be a perfect way for a non-pro hacker (e.g. your friend who's angry at you) to lock all your chars and annoy you!

5) Additional authentication for Xunlai storage access

Tricky. Authenticate means more stuff to remember/do each time you want access, whereas most people would like an easy access which simply requires a click. More than that and they'll start thinking about not using it!

6) Randomized point and click gui for password input

Breaks the game immersion, sounds too serious for a game, many people could actually get confused at this (it's not because it sounds easy for you that it is easier; I've actually read some research on that and this kind of new security features do improve the security, but at the cost of educating people)

7) Compromised account restorations

Impossible for GW1. That's what Anet will say.

(solution 11 not on the list: educate people? e.g. each Guru-er starts spreading the word rather than pointing fingers, people spend less time speculating about who's fault it is (while still asking Anet and NCsoft for accountability) and more time imagining how to change the situation by themself acting, rather than asking others to act)

Now, someone told me which website was compromised and I immediately thought: Anet and the community have been very lucky that it wasn't worse, it could have been a lot worse.

Riot Narita · Dec 11, 2009, 03:47 PM // 15:47

Quote:

Originally Posted by Fril Estelin

4) "NO DELETE/SALVAGE/TRADE" option on characters/items

Good but prolly quite complex/costly to implement in the cluttered and outdated GW1 software.

For character locks, I think not. It's comparitively simple, it only affects character selection screen, nothing "in game" needs to be changed, play-tested etc.

Quote:

Originally Posted by Fril Estelin

And it'd be a perfect way for a non-pro hacker (e.g. your friend who's angry at you) to lock all your chars and annoy you!

Do it the way I suggest (below), and the friend who's angry at you will most likely have to spend $80 or more to do this (assuming 8 characters). They'd have to be pretty angry to do that, and also quite dumb since the "victim" would GAIN a sh*t-load of characters/free storage in the process, and nothing would be achieved except cluttering up the character selection screen.

Quote:

Originally Posted by Hissy

They can eliminate that issue for characters at least:
Sell character locks, and give a free character slot with every purchase

That way:

a) No need for "undo" if someone changes their mind. It's impossible to have all slots locked, so you will always be able to create/re-roll a new character.

b) Due to the cost, people would think before locking a character

c) "malicious" locking would cost a hacker real money, and would achieve nothing but some clutter in the char select screen.

d) A-Net gets money out of it - the feature pays for its own development costs

e) No ongoing support needed - because of a)

I'm asuming a character lock would cost at least as much as a character slot.

As Zwei pointed out, the "angry friend" could buy enough locks/slots to completely fill your account. (And make them all Mesmers ha!) But that would cost over $200 assuming you had 8 characters originally - and even if someone was determined enough to buy you all that free storage... I'm sure A-net could find a way around that situation anyway eg.

Quote:

Originally Posted by Hissy

Well, suppose there ARE people in that situation. ANet can increase the maximum number of slots. Anyone subsequently buying huge numbers of character slots or locks needs to beware of the risks
.
.
.
or (accounts that have reached the max number of char slots) get a free account instead (of a free character slot) plus all skill/item unlock packs for it, and hell - they deserve it after buying THAT many slots.

the_jos · Dec 11, 2009, 05:02 PM // 17:02

Quote:

Originally Posted by upier

.....
Given this quote, I do not see why actions we take are even brought up.

If this issue can be resolved by our own actions, then PLEASE somebody make a Riverside thread describing exactly what we should be doing. Sticky it and plaster that link into EVERY "I got hacked!11"-thread before closing it.
If on the other hand the accounts can be compromised REGARDLESS of what we do, then STOP bringing the actions we take to this discussion. Because that's NOT the issue here!

I give an example I encountered recently and brought up in my previous post.
Somehow people managed to get access to the card of my bank and my pin code. It's called skimming (copy card and read pin when entered) and I know what I should look for to avoid this as much as possible. Still people managed to steal this from me.

I can yell at the bank that they should fix this now and do whatever they can to avoid this. But they do not control all the payment-devices, many are in less secured stores. People are implementing a fix (get magnet-strip out and work with chip) but this will take several years before full implementation.
Meaning I will be vulnerable to those kinds of attacks.
Good thing for me the bank covers the money, however, I could have gotten in some serious trouble if people had taken more from my account (because I also have to pay the bills).

Compare this to A-net.
Suppose there is a leak at A-net/NCSoft. This still means people got the initial data (the e-mail address) somewhere else. This is like the payment devices banks do not control. This would make it possible to brute-force or do a somewhat targeted attack.
Then it's known that many people use the same credentials at other places. Hack a less secure place and you have those available.

Let's put it this way. How many people are hacked while having:
- an e-mail address not registered on any fan forum
- e-mail address most likely unknown by other means (social sites, mailing lists and such)
- a truelely strong and unique password
- the actual e-mail address was not compromised

If there are many of those accounts I'd say the problem should be more A-nets problem. Just as banks took responsibility for skimming issues.
However, I doubt this is the case.

Please prove me wrong if you have solid data that my assumption is wrong.

Perkunas · Dec 11, 2009, 07:17 PM // 19:17

Other S/W

Remove e-mail for account id anywhere and everywhere.
Force the use of old password before changing to new with email verification prior to change.
Keep password changes game side not on a site else where.
Allow all ascii characters for passwords.
Drop down menu (point & click) listing each 'remembered' account name on game log on screen. Must remember the first letter/character in name to open menu with name and pass.

Just to list a few options.

Captain Scrat · Dec 11, 2009, 08:01 PM // 20:01

Well since my account got hacked just yesterday and my petition thread closed just now... I've voted for: Additional authentication for Xunlai storage access - Compromised account restorations - Strong password policy -Static IP/MAC/HW checking.

I do hope that this poll will be taken very seriously by ANet and be implemented in GW and/or in GW2.

Think ANet, please think about this! We are all vulnerable at this point of time!

- Captain Scrat

Rolain · Dec 11, 2009, 08:28 PM // 20:28

Virtual Keyboard on the login screen. Instead of typing passwords from your own keyboard, clicking on a virtual one. Prevents keyloggers.

Chthon · Dec 11, 2009, 08:56 PM // 20:56

1. I disagree, fiercely, with the decision to close the previous thread and replace it with this one. The problem is not that a-net doesn't know what security measures would constitute an improvement. They've been discussed for years. The problem is not that a-net doesn't know that they have a big security problem. They know. The problem is that NCSoft doesn't give a damn. You don't get NCSoft to give a damn by conducting polls of people, most of whom are technically unqualified, about possible security features a-net already knows about. If you want to get their attention, you're going to have to convince them that the cost of giving a damn is lower than the cost of lost customers/revenue if they don't act. You might get their attention with a large protest thread threatening not to buy any more of their products until they fix this. As someone noted in the previous thread, you might get their attention by making that large protest thread, then pointing it out to the "gaming press" like IGN. If the goal was to goad NCSoft off their ass and into action, replacing the protest with a poll was a step in the wrong direction.

2. What security measures you want depends on what method of account theft you're trying to stop. If you're trying to protect the idiot who gives their username and password to a "friend," character locks are about your only hope. If you're trying to protect people from RMT gold sellers attacking the NCSoft master account, you'd better start with the NCSoft master account.

In case anyone has been living in a cave, I'd like to repost this from the previous thread:

Quote:

I've been keeping tabs on the "I've been hacked" stories. The most likely explanation is that, in addition to the usual number of people who get their accounts stolen through their own stupidity, there is currently a method of stealing accounts directly through a-net/NCSoft. The password reset feature on the NCSoft master account seems the most likely culprit.

To me, that is the biggest problem, and the place where efforts need to be directed. I can do a perfectly fine job of keeping my computer clean, not giving anyone my username and password, not falling for phishing, etc., etc. Basically, I can manage not to be a total dumbass, and I am willing to accept responsibility for the consequences if I fail at that. But I am not willing to accept a system where I am unable to keep my account safe because a thief can just go straight to NCSoft and take it. That absolutely has to be fixed.

(Now, I am not opposed to added security features directed at protecting against user idiocy. If a-net wants to work on them, I'd be perfectly happy to have them. I just see them as far less important than protecting against NCSoft idiocy.)

3. The most important security improvements that could be made right now were left off the poll. They are all directed at fixing weaknesses with the NCSoft master account:

Quote:

Originally Posted by Martin Alvito

The NCSoft master accounts, however, have glaring security vulnerabilities. The following would make these accounts harder to defeat using automation and would protect us even in the event of unauthorized access:

- Let me delink my GW account from the PlayNC account (best)
- Force me to provide something additional to change my game passwords (existing PW, code from an e-mail sent to the login e-mail address, etc.)
- Do not EVER display the linked e-mail address that is my username
- Make the "change password" protections for NCSoft accounts themselves more secure
- Make it impossible to generate a valid list of actual NCSoft accounts via brute force
- Make it more difficult to brute force passwords (NO protections exist at present).

4. Now to take a look at the options from the poll:

Quote:

Originally Posted by JR

Static IP/MAC/HW checking

The best option from the poll. I'd like to flesh out some of the details for implementation:

It would have to be optional. And, sadly, the default would have to be disabled. If it were enabled by default, too many stupid people would lock themselves out of their accounts and it would be a PR mess. To counteract the undesirable default, I'd suggest (a) an introductory POP UP announcement strongly suggesting that the user go turn it on, and (b) a very good "what the hell is this" guide/instructions for unsophisticated users.
Whitelist option. Anything that's NOT the specified IP, IP range, MAC, hardware serial hash has to go through an additional password/security question/etc. to login. This additional hoop is part of GW and in no way connected to the NCSoft account.
Blacklist option. Anything that IS the specified IP, IP range, MAC, hardware serial hash cannot login to the account under any circumstances.
- Politically insensitive as it may be, "mainland China" should be a predefined IP block that users can simply check to blacklist. For most accounts, the only person who might ever try to login from mainland China is a thief. The comparatively few users who might live in or visit mainland China and make legitimate login attempts can simply not use this option.
- Stealing a page from g-mail, the user should be notified upon logging in "last unsuccessful login attempt X hours ago from IP W.X.Y.Z. (block this IP?)" and be given a chance to blacklist the IP that tried to login and strongly encouraged to turn on the whitelist feature.

Quote:

Strong password policy

Yes. This is easy. A paragraph of simple text is enough to explain to the user what they need to do.

Also, NCSoft site needs to be changed to even ALLOW strong passwords.

Quote:

SecurID authentication option

Not a fan.

First, the inconvenience level is quite high. The things can get lost, broken, dead battery, etc.

Second, while it does a good job of keeping out unsophisticated and unfunded attackers, someone willing to purchase and sacrifice enough keyfobs to figure out how to get past the physical tamper-resistance measures and dump the ROM can break the whole system. The RMT companies who steal accounts en masse are the second sort of attacker (at least some of them are).

Quote:

"NO DELETE/SALVAGE/TRADE" option on characters/items

Yes.

In order to allow me to change my mind, either (a) allow me to remove the lock after a 1 or 2 week wait, or (b) allow me to remove the lock with an additional password.

If, as someone mentioned, "my little brother got on my account and locked all my characters" is a problem, a time release lock would be the better option. On the other hand, getting into a "my little brother got on my account and locked all my characters" situation in the first place probably requires user idiocy...

Quote:

Additional authentication for Xunlai storage access

Inconvenience level is too high.

Quote:

Randomized point and click gui for password input

Inconvenience level is too high.

Also, only effective against keyloggers. Useless against the methods of account theft that worry me.

Quote:

Compromised account restorations

It's a budgeting limitation. Between the sheer volume of legitimate claims, and the extra work of sorting out fraudulent claims, support would need significantly more and more skilled people than it has now. They have the necessary data to do restores if they really wanted to, but not the staff.

Sir Cusfreak · Dec 11, 2009, 08:56 PM // 20:56

The fact that you can be booted by a new login WHILE YOU ARE PLAYING has to end.

I forgot about that part...

That is complete horse-shit as a feature to begin with, and needs to be removed like yesterday.

If I'm logged in there is NO reason NONE that I should be kicked out, short of anet personally yanking my account as a ban or something. A new login attempt SHOULD alert support, but should NOT boot me out.

Fix that FIRST!!!

/endrant

Chthon · Dec 11, 2009, 09:07 PM // 21:07

Quote:

Originally Posted by Sir Cusfreak

The fact that you can be booted by a new login WHILE YOU ARE PLAYING has to end.

I forgot about that part...

That is complete horse-shit as a feature to begin with, and needs to be removed like yesterday.

If I'm logged in there is NO reason NONE that I should be kicked out, short of anet personally yanking my account as a ban or something. A new login attempt SHOULD alert support, but should NOT boot me out.

Fix that FIRST!!!

/endrant

It's 50/50 odds you're online and thief boots you versus thief is online and you boot the thief. So, it doesn't matter whether the policy is to boot current user or not.

Now, a smarter policy (which could be introduced along with IP blacklisting and whitelisting) would be to see if either login comes from the usual IP/MAC/hardware and boot the other one.

Also, as you mention, ANY instance of two people logging into the same account at the same time should kick off a report to support.

didis · Dec 11, 2009, 10:00 PM // 22:00

First of all, we don't know for sure what causes the increase of hacks. Whether it is at the server side at ncsoft or at the client side by the player. Or somewhere in between. If Ncsoft can determine the cause of it leaving all options open then this could be investigated further to determine additional security meassures.

On the other hand i'm astonished everyone is replying with all kind of technical solutions. I think that if there is indeed an increase in account thefts ArenaNet should consider to counterattack the source by cooperating with ISP's and police force in the originating country of the hack. In this case possible meaning making agreements with law inforcement in China to investigate and take appropriate legal actions. If countries as China are so untrustworthy that would mean that you target that cause and not compensating it with meassures at ncsoft or client side. If it is determined that this not possible then it is to be considered to take addtional technical security meassures.

What i am also wondering is if Aion, Lineage are also experiencing these hack problems. Those can be added to you're master account too. That would make the business case to implement a more expensive sollution more likely. The costs for the security meassures can then devided to more people.

Resume my monoloque. There is no fail proof sollution if we don´t know what the cause is. In the netherlands there has been, in relation to the criminal code, a lawsuit where people were succesfully prosecuted for stealing in game assets from a guy. Maybe that is a sollution to scare of those criminal organisations.

Another Felldspar · Dec 11, 2009, 10:02 PM // 22:02

Quote:

Originally Posted by upier

Just to make this clear:
I will not be paying extra for sufficient security.

You've bought the game with the security that is already in place. To me that means that you've accepted the current level of security as "sufficient".

For me the current level of security is NOT sufficient and I am willing to pay for additional security measures. I am not willing to pay for anything else from A-Net or NCSoft without additional security measures being added.

Chthon · Dec 11, 2009, 10:37 PM // 22:37

Quote:

Originally Posted by Ayelet Feldspar

You've bought the game with the security that is already in place. To me that means that you've accepted the current level of security as "sufficient".

For all you know, upier bought the game before the NCSoft master account was introduced. Account security is severely degraded by the NCSoft master account, but how incredibly bad it is didn't become widely known until some time after its introduction, and after plenty of people had already linked their accounts blithely assuming NCSoft wouldn't totally screw them. Well, they did....

Riot Narita · Dec 11, 2009, 10:41 PM // 22:41

Quote:

Originally Posted by didis

First of all, we don't know for sure what causes the increase of hacks
.
.
On the other hand i'm astonished everyone is replying with all kind of technical solutions.

No, we don't know the source of the attacks - and thats EXACTLY why I want some technical solutions.

Because I want to mitigate the damage if someone breaks into my account, despite all my precautions, because ANet or NCsoft has a vulnerability that is being exploited.

Even if they found the cause right this instant, I'd STILL want them to add the damage limitation stuff... for when the NEXT vulnerability is found and exploited, or indeed - in case I did something dumb by accident.

Quote:

Originally Posted by didis

I think that if there is indeed an increase in account thefts ArenaNet should consider to counterattack the source by cooperating with ISP's and police force in the originating country of the hack. In this case possible meaning making agreements with law inforcement in China to investigate and take appropriate legal actions.

I'll be an old man before anything like that happens.

Meanwhile any exploits would continue and there'd STILL be no damage mitigation for the victims.

Quote:

Originally Posted by didis

What i am also wondering is if Aion, Lineage are also experiencing these hack problems. Those can be added to you're master account too.

I don't know about Lineage, but a few google searches shows that Aion players are indeed experiencing these problems.

Quote:

Originally Posted by didis

There is no fail proof sollution if we don´t know what the cause is.

There is no fail safe solution even if we DO know what the cause is. You plug one hole, but how long til the next one is found?

That's why I want permanent character locks, so my main characters can never, ever be deleted... even if new vulnerabilities or exploits are found.

Quote:

Originally Posted by Chthon

1. I disagree, fiercely, with the decision to close the previous thread and replace it with this one. The problem is not that a-net doesn't know what security measures would constitute an improvement. They've been discussed for years. The problem is not that a-net doesn't know that they have a big security problem. They know. The problem is that NCSoft doesn't give a damn. You don't get NCSoft to give a damn by conducting polls of people, most of whom are technically unqualified, about possible security features a-net already knows about. If you want to get their attention, you're going to have to convince them that the cost of giving a damn is lower than the cost of lost customers/revenue if they don't act. You might get their attention with a large protest thread threatening not to buy any more of their products until they fix this. As someone noted in the previous thread, you might get their attention by making that large protest thread, then pointing it out to the "gaming press" like IGN. If the goal was to goad NCSoft off their ass and into action, replacing the protest with a poll was a step in the wrong direction

Agree with this^

Faer · Dec 11, 2009, 10:44 PM // 22:44

Quote:

Originally Posted by Polgara Val

Even a small gesture saying "we understand your concerns and will look into it" will suffice, instead of the complete and muted silece, or at the very least an acknowledgement that there is a problem that needs to be rectified as efficiently and as quickly as possible.

They've said something to the effect of looking into solutions on the wiki (in a spot the majority of the playerbase will never be able to find it - Gaile's talk archives), but they won't admit to any problems other than the ones fansites supposedly have.

Quote:

Originally Posted by Fril Estelin

7) Compromised account restorations

Impossible for GW1. That's what Anet will say.

What makes it even better is that we know it's not impossible, thanks to what's-her-name getting hacked, destroyed, and then restored once enough community pressure was put on... or something. Silly mesmers. We know restorations are possible now, though.

vandevere · Dec 11, 2009, 10:48 PM // 22:48

Quote:

Originally Posted by Ayelet Feldspar

You've bought the game with the security that is already in place. To me that means that you've accepted the current level of security as "sufficient".

For me the current level of security is NOT sufficient and I am willing to pay for additional security measures. I am not willing to pay for anything else from A-Net or NCSoft without additional security measures being added.

Please, don't put any ideas into the execs little heads...

As I understand the GW mentality, you pay extra for more storage-inventory and account-and you also pay extra for cosmetic things. I'm okay with paying extra for those.

But computer security is NOT a cosmetic issue...

It's something that concerns all players equally. Therefore, it should NOT be micro-transacted...

JimmyNeutron · Dec 12, 2009, 12:06 AM // 00:06

Restore stolen goods...I can see the loophole in this:

Me: 100 items value over 100ectos ***EACH*** on hand
Friend#1: Fakes a hack and transfer my 100 items over to Friend#2 (REAL life friends that doesn't give it back I can kick his ass...LOL....) and make it look like a legit sale
Me: Report hack to ANET
ANET: Restore 100 items EACH value over 100 ectos back to my account.

Results: Friend#1, Friend#2 and I have double what we had originally.

Of course you don't do this from the same public IP address and use proxy servers. I'm sure we all have friends that don't live in the same city as we do. You'll be stupid and deserve to get caught!!!!!!! if you do this from the same public IP address.

Repeat w/ new friends.

So, before we had 20 mini Mad King guard...now we have 21 mini Mad King guard..
Repeat...mini Mad King Guard becomes 1000+ in a few days or months.

See? EVIL RULES!!!

gone · Dec 12, 2009, 12:47 AM // 00:47

Quote:

Originally Posted by JimmyNeutron

Restore stolen goods...I can see the loophole in this:

Me: 100 items value over 100ectos ***EACH*** on hand
Friend#1: Fakes a hack and transfer my 100 items over to Friend#2 (REAL life friends that doesn't give it back I can kick his ass...LOL....) and make it look like a legit sale
Me: Report hack to ANET
ANET: Restore 100 items EACH value over 100 ectos back to my account.

Results: Friend#1, Friend#2 and I have double what we had originally.

Of course you don't do this from the same public IP address. I'm sure we all have friends that don't live in the same city as we do. You'll be stupid and deserve to get caught!!!!!!! if you do this from the same public IP address.

Repeat w/ new friends.

So, before we had 20 mini Mad King guard...now we have 21 mini Mad King guard..
Repeat...mini Mad King Guard becomes 1000+ in a few days or months.

See? EVIL RULES!!!

all I see is you getting banned as well as endangering others. you might get away with it once, but the way you're on about it...you aren't gonna dupe that easy, that many times, when dealing with real people.

and paying extra for security? you must be joking. I'll drop the game like a bad habit.

Inde · Dec 12, 2009, 01:20 AM // 01:20

Quote:

Originally Posted by Chthon

1. I disagree, fiercely, with the decision to close the previous thread and replace it with this one. The problem is not that a-net doesn't know what security measures would constitute an improvement. They've been discussed for years. The problem is not that a-net doesn't know that they have a big security problem. They know. The problem is that NCSoft doesn't give a damn. You don't get NCSoft to give a damn by conducting polls of people, most of whom are technically unqualified, about possible security features a-net already knows about. If you want to get their attention, you're going to have to convince them that the cost of giving a damn is lower than the cost of lost customers/revenue if they don't act. You might get their attention with a large protest thread threatening not to buy any more of their products until they fix this. As someone noted in the previous thread, you might get their attention by making that large protest thread, then pointing it out to the "gaming press" like IGN. If the goal was to goad NCSoft off their ass and into action, replacing the protest with a poll was a step in the wrong direction.

Let me be very clear and show you why gaming developers laugh at your petitions and threats of boycotts. Now Martin Kerstein will probably hate me for this (sorry!), and let it be noted that this probably isn't his current opinion of this specific problem so please don't read more into it then necessary.

Little bit of background, if anyone followed Modern Warfare 2 you would know that there was a huge threat of a boycott over no dedicated servers. People were extremely passionate about this. Let me show you Martin Kerstein's twitter in response to it:

So MW2 sold nearly 5 million copies on day one just in NA and UK. I see the boycott worked. Boy who cried wolf indeed... http://bit.ly/CHeda

i think it is a perfect picture for a tendency of internet behaviour . check this article: http://bit.ly/fKiPv

and as a follow up on my earlier MW2 posting: http://bit.ly/3oqrSP

Just for illustrative purposes here in case people don't click the links:

I think this demonstrates fully the opinion of gaming developers as a group about community petitions and boycotts. There were 140,000 signatures on their petition by the way.

Our goal on this forum is to provide constructive feedback. While I can appreciate your desires to do this in petition form I would rather have the community engaged in discussion. Many people also expressed that in the petition thread as well. This thread is going very well, there is the exchange of ideas, there are opinions, there is analysis of different security options, there are voices that are offering their feedback. Exactly what is desired on a forum. I count this thread very successful.

Mireles · Dec 12, 2009, 02:53 AM // 02:53

I hope people realize that hackers from China have hacked the Pentagon and stolen sensitive weapon information a few weeks ago.... i don't see how Arena Net and PlayNC stands a chance.