Mar 24, 2011, 06:03 PM // 18:03
|
#101
|
Frost Gate Guardian
Join Date: Aug 2010
Guild: Dragons Den
Profession: E/
|
Quote:
Originally Posted by Urcscumug
I don't understand why.
Cryptography at its core means two parties know a secret that nobody else does. It doesn't work if one of the parties got its brain rooted by villains.
.
|
Ah! I see where i did not explain sufficiently. The temporary code could be sent in the clear with no encryption at all only to be 'decrypted' at the log in point. In my case only one system 'knows the secret' and that is the log in Server. The rest of the encryption SSL or such is there just to prevent MitM hacking.
SBE also takes a snapshot of the system at various times and reconciles that with on file information both local and remote. The ongoing snapshots are so close to impossible to duplicate that it can even mess the signature up on the exact same system if that system becomes compromised. A zombie system trying to duplicate that sig will be seen as a foreign system even if they get everything right. Yes, it also uses serial numbered USB devices that look and act like a standard USB drive. That is why I said such was used in the first post.
It is a combined effort to take as much authentication out of the hands of the user as possible. Again, it is THE method of various agencies around the world of preventing log on compromise. So far not a single successful attack has been made against such a system.
Well, credential attack There have been many well publicized breaches of some of these systems but they all came from OS exploits, browser exploits or firewall breaks and such. Basically the people got in after the person was already logged on and took partial control of the system. I say partial because after the system was logged out it could not be logged back in. The log in and credentials remained safe even though parts of them were known.
With massive amounts of super computing / distributed computing you might be able to get past such a system but there are far easier ways than that.
Now, if we had quantum state based encryption through quantum entanglement we could have unbreakable encryption. Any attempt to decrypt such an encryption would fail every single time even on the very machine that created the key. That is still science fiction but may not be for much longer.
Oh, and even with everything I am talking about it still only comes down to this on the user end;
Plug in USB device
Input username and password
play game
Last edited by LordDragon; Mar 24, 2011 at 06:49 PM // 18:49..
|
|
|
Mar 24, 2011, 08:57 PM // 20:57
|
#102
|
Academy Page
|
Urcsumug, I think you've got half of what I'm proposing but not the other half -- the signature changes every log-in. It's not that your IP is now authenticated (in fact, IP wouldn't figure anywhere into it) -- it's that when you log out and log back in you need to authenticate again.
I think I'm going to sit down and actually make said device in the upcoming month, just so I can tell people "it's not hard, they should be doing it yesterday."
Last edited by Surgo; Mar 24, 2011 at 09:01 PM // 21:01..
|
|
|
Mar 24, 2011, 10:18 PM // 22:18
|
#103
|
Krytan Explorer
Join Date: Jan 2011
Guild: UNO
Profession: W/
|
@LordDragon: what you describe (examining the system, taking snapshots) can only be done by running software on the computer. Any software or data on the computer is under malware control => fail.
You're either not explaining it right or not making sense.
Quote:
Originally Posted by Surgo
Urcsumug, I think you've got half of what I'm proposing but not the other half -- the signature changes every log-in. It's not that your IP is now authenticated (in fact, IP wouldn't figure anywhere into it) -- it's that when you log out and log back in you need to authenticate again.
|
Of course the signature changes every login, it's based on a different challenge from the login server every time. In fact the server will issue challenges for all important operations.
Problem 1: You say it's not about the IP; but how will the server know which client is the "good" client? How will the device describe the GW client that should be allowed to login, out of the millions of clients installed in the world?
Problem 2: If you want to only do this for login, what I said stands. After a successful login, if the malware is on your computer it can strip your toons naked and that's it. So login is not enough (it would put a damper on botting, if required across the board; but not on account hijacking). You have to authenticate each potentially harmful operation (trades, merch buy/sale, collector exchange, quest taking/handing/abandon, item drops, map jumps, item destroy, salvage etc.) How does your device handle that? How will the device know if your client does things because you told it or because the malware told it?
Banking websites do it by giving out a challenge code and asking you to enter it into a device and come back with the proper response code. If you do this for every operation above it will be secure, but it's gonna get really old really fast.
|
|
|
Mar 24, 2011, 10:24 PM // 22:24
|
#104
|
Academy Page
|
I was under the assumption that an account could only be logged in once at a time -- is this not the case? Otherwise, the challenge-response could (of course) only happen when the USB device was plugged in. When you're not actually playing the game, you should unplug it from your computer.
|
|
|
Mar 25, 2011, 12:16 AM // 00:16
|
#105
|
Frost Gate Guardian
Join Date: Aug 2010
Guild: Dragons Den
Profession: E/
|
I am explaining it correctly, I just think you are refusing to understand. I work with clients who use such a system (but also add biometrics) every day. It works beautifully and has not been hacked even after systems have gotten infected with specific key loggers/malware to their industry.
Every log on has to be logged in a physical book, every written down log in has to be cross checked with the log in server every day. That is how I know they have not been compromised via credentials. What Surgo is proposing is actually part of the system I am describing. Yes, Surgo, it already exists.
Again, this is about CREDENTIALS log on not other hacks.
The malware you talk about in your Problem 2 is easy enough to stop. Just kill the game! Hell, if my character starts running places that I am not running him I would kill the game client in seconds. Already have done that when the keyboard locked up once. He wouldn't stop running in circles.
For malware to stealth sell off your stuff and compromise your game account they would need to break the database/client/server interface on the game server itself. If they could do that I think we would be seeing posts about items vanishing while people are playing. Have you seen any? I haven't.
Oh, and the snap shots in SBE are both on the client computer and FROM the log on server. It is a combination of so many different areas that no malware in the world is going to get them all and get them all right. The fact is the log on sever only uses some of the information each time and even THAT changes.
The very act of intercepting the particular client with malware or changing the client itself causes the log on to fail. Read that bold part over and over and over again until you get it. that is the basis for the whole thing. Yes, that means that you would have to re-authenticate yourself if you put on a macro keyboard, logged in from another system, changed out your G15 for another identical G15, changed out your mouse, and more.
Last edited by LordDragon; Mar 25, 2011 at 12:22 AM // 00:22..
|
|
|
Mar 25, 2011, 04:02 PM // 16:02
|
#106
|
Krytan Explorer
Join Date: Jan 2011
Guild: UNO
Profession: W/
|
Quote:
Originally Posted by Surgo
I was under the assumption that an account could only be logged in once at a time -- is this not the case?
|
Yes, but that does not prevent the malware for kicking in when it detects the GW client running and doing stuff instead of you.
Still, the device would reduce botting by orders of magnitude (if it becomes mandatory) and it would prevent account hijacking, so there's value in the idea.
Quote:
Originally Posted by LordDragon
Hell, if my character starts running places that I am not running him I would kill the game client in seconds.
|
The first thing the malware would do is disable your mouse and keyboard. Not to mention that computer reaction time is about a million times better than yours.
Come on, give the hackers some credit, from what I've seen they tend to be rather smart.
Quote:
Originally Posted by LordDragon
For malware to stealth sell off your stuff and compromise your game account they would need to break the database/client/server interface on the game server itself.
|
Which has probably been done. And there's a large chance you don't have to reverse engineer the protocol, only to piggyback on the client interface. (I don't know, I haven't looked into it.)
Quote:
Originally Posted by LordDragon
If they could do that I think we would be seeing posts about items vanishing while people are playing. Have you seen any? I haven't.
|
It's not done because it's not needed right now. At the moment a simple keylogger does the job. If there ever is a need for more sophisticated tools, they'll show up, you can be sure of that unfortunately.
Quote:
Originally Posted by LordDragon
Every log on has to be logged in a physical book, every written down log in has to be cross checked with the log in server every day. That is how I know they have not been compromised via credentials.
|
No, that's how you know it happens after it happens. Because the computers say someone logged in and the written log doesn't. Doesn't do prevention or recovery, only provides a [late] warning.
Quote:
Originally Posted by LordDragon
I am explaining it correctly, I just think you are refusing to understand.
|
You're only describing effects of the system, not explaining the how. So forgive me that it took me a while to infer the how on my own, since you weren't helping.
The problem I had is that you seemed to be describing a device that is at the same time isolated from the computer and interacting with it. As long as I assumed that the device has to have a regular software presence on the system, I couldn't imagine what would prevent the malware from taking over that presence.
I think I may have figured out. You're talking about a hardware chip connected directly to the motherboard and/or the CPU, or even replacing the CPU, which means complete low level access and control to everything. Which is in fact an even more powerful form of mind-control than the malware. To make an analogy, the malware is like using telepathy to influence and control you; the chip is like cutting you open and sticking wires directly into your brain.
The problem is that this is not a trivial device to make or use. I don't doubt that the military or corporations use such a thing, but you can't expect ordinary users to use it. First of all, it would cost a bomb to design and manufacture such a device (even assuming you stop at a single special motherboard, not attempting to make mass-market models for any CPU slot). This is not something that can be plugged into USB on any computer and just work. There's nothing inside a regular PC that allows a regular USB device to do this.
And even assuming for the sake of argument it was possible; would you plug into your personal computer a device that has complete control and reports privately to a private company? Wouldn't you be replacing the malware with an even bigger evil?
|
|
|
Apr 13, 2011, 11:52 PM // 23:52
|
#107
|
Pre-Searing Cadet
|
A Cautionary Tale
A Cautionary Tale
My wife and myself have played Guild Wars just short of six years. The game has provided us with thousands of hours of entertainment. I have made friends from all over the world whom I never would have without this game. We have shared the triumphs of struggle and the agonies of defeat. For that I am grateful.
Through our guild and various alliances we have held Cavalon and HzH. Slain Urgoz countless times. Dominated the Challenge Ladder for years. We won the Hall of Heroes on occassion as well. As a guild we accomplished all aspects of the game with the exception of GvG. As individuals we attained GWAMM status and filled our Hall of Monuments. I personally have achieved five GWAMM's and was on course for the sixth.
However ..................
Last Sunday, my wife was unable to log into her account.
She followed the login instructions to reset her password, and waited the twenty-four hours for a response.
No response was made.
She contacted support via email and was provided assistance to log into her NCSoft master account and change her password.
She followed the instructions this morning, and found that her account had been stripped of her virtual worldly goods.
During the course of looking over her raped account, we noticed that my account was online.
I immediately attempted to login, and was denied.
I have contacted support for assistance regaining my account, which is most likely in the same pillaged state that my wife’s account was in. I am awaiting a reponse beyond the automated one.
The moral of this story is this ......
I have followed all the rules and taken all the precautions advised by Arena Net and NCSoft. No third party programs. Unique passwords that are not used anywhere else. No real money trades. Our computers are virus and trojan free. My wife doesnt even know my account password.
Based upon what i have read on the forums over the years, i can draw no other conclusion than the one that has been voiced by others. The NCSoft Master account is the only common element I have with those that have had their accout stolen.
Do not think it will not happen to you.
Unfortunately, this latest experience has left me somewhat jaded as to the future. I will not be an active player in Guild Wars anymore. As far as Guild Wars 2, I am undecided as of yet. However, should the NCSoft Master Account be needed to access my Hall of Monuments and bring forward my Guild Wars achievements, I dont believe I will be a participant.
Good Night and Good Luck All
W I C K E D
|
|
|
Thread Tools |
|
Display Modes |
Linear Mode
|
Posting Rules
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
HTML code is Off
|
|
|
All times are GMT. The time now is 08:28 PM // 20:28.
|