Mar 14, 2008, 11:08 AM // 11:08
|
#1
|
Frost Gate Guardian
Join Date: May 2006
Location: England
Guild: [MYST]
Profession: Rt/R
|
A simple anti-hack solution?
I have been hearing more and more recently of people's Guild Wars accounts being hacked into... Several guild mates and friends of mine have lost everything in the last few months, but actually what really gets me isn't the theft, it's the nastiness that goes with it.
For example a friend of mine was collecting every warrior armor in game for her hom. After removing all items and armor from all the other characters on the account they chose to delete one - the warrior.... it makes me question whether these people are angry at those who have worked to be rich or something XD
OK, ranting aside, I know there have been lots of calls for character locks, where they can't be deleted, but I think I have a far more simple solution: Guild Wars should prompt us, every 30 days on log in, to change our passwords - the sheer effort of having to log into playncmaster account every few weeks for those that are changing their passwords frequently would be removed and it would help to block the hackers who are simply "getting lucky" and guessing the right combinations - it would also give the chance to those less clued up on hacking etc. to do something proactive. As for keyloggers etc., this obviously wouldn't work as well, but then I am under the impression that you have to download one in order to get hacked by one - thus less of a problem for people more aware of the internet's perils?
|
|
|
Mar 14, 2008, 11:21 AM // 11:21
|
#2
|
Frost Gate Guardian
Join Date: Jun 2006
Location: My House
Guild: N/A
Profession: Mo/Me
|
Yea, a limited time set on passwords would make sense, however, it may prove rather difficult to implement in a game with millions of players.
Also, the number of people who genuinely get hacked without the help of a 3rd party program is very small. Most people who are hacked get hacked because they downloaded some form of 3rd party add-on for GW (i.e. bot programs etc.). This will mean it is quite low on ANet's list of things to do.
|
|
|
Mar 14, 2008, 12:24 PM // 12:24
|
#3
|
Wilds Pathfinder
Join Date: Feb 2007
Location: right behind you
Guild: Highlander Honor Guard [HHnr]
Profession: R/
|
GW should have a computer ID tracking system. That way if you report your account to be hacked, provide account name with password, and it finally gets through the mail; then ArenaNet can possibly log the hacker's computer ID and ban them from the server or report them for hacking.
But all in all, it's just like jackers said. Most hacking comes from idiots downloading third party software.
|
|
|
Mar 14, 2008, 01:06 PM // 13:06
|
#4
|
Jungle Guide
Join Date: Dec 2005
Guild: CULT
|
Quote:
Originally Posted by Ku Ku
I have been hearing more and more recently of people's Guild Wars accounts being hacked into... Several guild mates and friends of mine have lost everything in the last few months, but actually what really gets me isn't the theft, it's the nastiness that goes with it.
For example a friend of mine was collecting every warrior armor in game for her hom. After removing all items and armor from all the other characters on the account they chose to delete one - the warrior.... it makes me question whether these people are angry at those who have worked to be rich or something XD
OK, ranting aside, I know there have been lots of calls for character locks, where they can't be deleted, but I think I have a far more simple solution: Guild Wars should prompt us, every 30 days on log in, to change our passwords - the sheer effort of having to log into playncmaster account every few weeks for those that are changing their passwords frequently would be removed and it would help to block the hackers who are simply "getting lucky" and guessing the right combinations - it would also give the chance to those less clued up on hacking etc. to do something proactive. As for keyloggers etc., this obviously wouldn't work as well, but then I am under the impression that you have to download one in order to get hacked by one - thus less of a problem for people more aware of the internet's perils?
|
NO. Frequent password changes = MORE risk unless they are randomly generated by Anet themselves (and that is just no good, this is not the Pentagon).
edit: Character locks / timed "fadeout" like in EvE is the simple solution.
Last edited by Sleeper Service; Mar 14, 2008 at 01:08 PM // 13:08..
|
|
|
Mar 14, 2008, 01:06 PM // 13:06
|
#5
|
Grotto Attendant
Join Date: May 2005
Location: At an Insit.. Intis... a house.
Guild: Live Forever Or Die Trying [GLHF]
Profession: W/Me
|
When you get hacked it's for one of three reasons:
1) You've used an easily guessable password (e.g. username Ku Ku, password Ku Ku).
2) You've downloaded and run a keylogger. Usually these masquerade as cheats or hacks; anyone running crap like that gets what they deserve.
3) You've given your password to someone who wasn't trustworthy. Maybe you've told your brother? Maybe you use the same password everywhere? Maybe you have it written down on a post-it next to your computer at work? Maybe you told the "ANet employee" who mailed you and asked for it?
In short, it's quite easy to avoid being hacked. I definitely don't want ANet (actually NCSoft, which is much worse) interfering with my security arrangements.
/unsigned.
|
|
|
Mar 14, 2008, 01:10 PM // 13:10
|
#6
|
Desert Nomad
Join Date: Apr 2006
Profession: W/
|
Quote:
NO. Frequent password changes = MORE risk unless they are randomly generated by Anet themselves (and that is just no good, this is not the Pentagon).
|
This.
If you force people to change their password all the time, ESPECIALLY if you also institute complexity rules like a lot of businesses do, you'll just irritate people into picking easy passwords because they'll get fed up with always having to stop and think of something new.
Passwords should be encouraged to be strong from the start so there's no NEED to change them.
Also, this needs to be merged with the dupe.
|
|
|
Mar 14, 2008, 02:14 PM // 14:14
|
#7
|
Frost Gate Guardian
Join Date: May 2006
Location: England
Guild: [MYST]
Profession: Rt/R
|
Quote:
Originally Posted by Numa Pompilius
When you get hacked it's for one of three reasons:
1) You've used an easily guessable password (e.g. username Ku Ku, password Ku Ku).
2) You've downloaded and run a keylogger. Usually these masquerade as cheats or hacks; anyone running crap like that gets what they deserve.
3) You've given your password to someone who wasn't trustworthy. Maybe you've told your brother? Maybe you use the same password everywhere? Maybe you have it written down on a post-it next to your computer at work? Maybe you told the "ANet employee" who mailed you and asked for it?
In short, it's quite easy to avoid being hacked. I definitely don't want ANet (actually NCSoft, which is much worse) interfering with my security arrangements.
/unsigned.
|
There is a 4) to this however, as the example of the friend I used above had a number, letter, punctuation combo, downloaded nothing and kept the p/w to herself, as have two more people I know of. I'm talking of the hackers that get hold of an email address and sit for hours randomly generating password guesses.
|
|
|
Mar 14, 2008, 02:21 PM // 14:21
|
#8
|
Desert Nomad
Join Date: Apr 2006
Profession: W/
|
Quote:
Originally Posted by Ku Ku
There is a 4) to this however, as the example of the friend I used above had a number, letter, punctuation combo, downloaded nothing and kept the p/w to herself, as have two more people I know of. I'm talking of the hackers that get hold of an email address and sit for hours randomly generating password guesses.
|
If the password is strong, "hours" is not the right timeframe for a dictionary attack: centuries is.
Short of pure, stupid luck on the part of the attacker, a sufficiently long and complex password will take years, decades, centuries, even potentially millennia to crack at current PC speeds.
If she lost her account even with a strong password, she very likely did have some sort of malware executing a "man-in-the-middle" attack that saw the password pass unencrypted. With the continued insecurity of Windows and the frequency of attacks made against Windows software (not just Microsoft - all sorts of applications can be exploited), it's entirely possible she was subject to an attack she didn't notice and didn't explicitly bring on herself. Even just viewing a compromised flash ad on a legitimate website can be enough if the right combination of software and patch levels is present on a machine.
Last edited by Ctb; Mar 14, 2008 at 02:24 PM // 14:24..
|
|
|
Mar 14, 2008, 02:33 PM // 14:33
|
#9
|
Wilds Pathfinder
Join Date: Jan 2007
Location: Brisbane, Australia
Profession: R/
|
Quote:
Originally Posted by Ctb
If the password is strong, "hours" is not the right timeframe for a dictionary attack: centuries is.
Short of pure, stupid luck on the part of the attacker, a sufficiently long and complex password will take years, decades, centuries, even potentially millennia to crack at current PC speeds.
|
Just to enforce this point, I'll point out how many combinations of characters a password can contain. Even with only lower case characters, a five letter password will have 11881376 (26^5) possible combinations. If you have an eight letter password, it will have 2.09x10^11 possible combinations. That is quite a lot. Even if you use a word that is in the dictionary... well, I don't know how many words there are in the dictionary. I know there are a lot though.
|
|
|
Mar 14, 2008, 02:35 PM // 14:35
|
#10
|
Wilds Pathfinder
Join Date: Aug 2007
Location: In my peanut brain
Guild: Zomg Zombies [OMG]
Profession: Mo/E
|
Quote:
Originally Posted by Numa Pompilius
When you get hacked it's for one of three reasons:
1) You've used an easily guessable password (e.g. username Ku Ku, password Ku Ku).
2) You've downloaded and run a keylogger. Usually these masquerade as cheats or hacks; anyone running crap like that gets what they deserve.
3) You've given your password to someone who wasn't trustworthy. Maybe you've told your brother? Maybe you use the same password everywhere? Maybe you have it written down on a post-it next to your computer at work? Maybe you told the "ANet employee" who mailed you and asked for it?
In short, it's quite easy to avoid being hacked. I definitely don't want ANet (actually NCSoft, which is much worse) interfering with my security arrangements.
/unsigned.
|
This is not necessarily true, although I agree with you on some of them. There are currently a ton of hackers out in China that are injecting code into valid websites that are linked to many MMOs out there (WoW, GW, LoTR, etc...). People are logging into sites and signing into site, that are then redirecting them to compromised sites. Your information is then stolen. People are actually victims in this case.
http://www.pcworld.com/article/id,14...s/article.html
Is an article talking about LoTR. Hope this sheds a little light into how this sometimes happens even if you didn't give out your info or download things you shouldn't.
|
|
|
Mar 14, 2008, 02:51 PM // 14:51
|
#11
|
Grotto Attendant
Join Date: May 2005
Location: At an Insit.. Intis... a house.
Guild: Live Forever Or Die Trying [GLHF]
Profession: W/Me
|
Quote:
Originally Posted by Ku Ku
I'm talking of the hackers that get hold of an email address and sit for hours randomly generating password guesses.
|
Forget it. Doesn't happen. *
Quote:
Originally Posted by The Way Out
People are logging into sites and signing into site
|
Not with Guildwars, though. Unless you use the same password everywhere. Which is point 3).
* OK, I should clarify that. OK, yes, it can happen, if you use a common password, or any password likely to be in a dictionary, like, say, "banana" or a variant like "b4n4n4". If you have a mixed-case 9 letter or longer pw with digits and punctuation, however, you're highly unlikely to ever get brute-forced. At one attempt per second they'll be spending months trying to get in, and exponentially longer the longer the pw. There are plenty of guides on the net to how to create secure nonsense passwords which are still easy to remember; if you're worried about getting hacked, follow the advice of one of those guides.
Last edited by Numa Pompilius; Mar 14, 2008 at 03:11 PM // 15:11..
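Added example (not part of any post in this thread): the two checks the posts above describe, a wordlist test that also catches the username and variants like "b4n4n4", and the keyspace count from post #9 turned into a worst-case time at the one guess per second used in post #11. The wordlist, substitution table and function names are constructed for illustration, and the time only means something for randomly chosen passwords.

```python
import string

# Constructed sample wordlist; a real check would load a large common-password list.
COMMON_WORDS = {"banana", "password", "dragon", "letmein", "guildwars"}

# Frequent character substitutions, mapped back to the letters they stand for.
LEET = str.maketrans({"4": "a", "@": "a", "3": "e", "1": "l", "!": "i",
                      "0": "o", "5": "s", "$": "s", "7": "t"})


def dictionary_hit(password, username=""):
    """Return why the password is guessable from a wordlist, or None."""
    plain = password.lower()
    if username and plain.replace(" ", "") == username.lower().replace(" ", ""):
        return "same as username"
    # Also test the password with surrounding punctuation and digits removed.
    forms = (plain,
             plain.strip(string.punctuation),
             plain.strip(string.digits + string.punctuation))
    for form in forms:
        for candidate in (form, form.translate(LEET)):
            if candidate in COMMON_WORDS:
                return "wordlist entry or variant: " + candidate
    return None


def keyspace(password):
    """Number of strings of the same length over the character classes used.

    Characters outside the four ASCII classes (spaces, non-ASCII) are not
    counted, so the result is a lower bound for such passwords.
    """
    classes = (string.ascii_lowercase, string.ascii_uppercase,
               string.digits, string.punctuation)
    alphabet = sum(len(cls) for cls in classes
                   if any(ch in cls for ch in password))
    return alphabet ** len(password)


def assess(password, username="", guesses_per_second=1.0):
    """Return (verdict, worst-case seconds to try every string, or None)."""
    reason = dictionary_hit(password, username)
    if reason:
        return reason, None  # keyspace is irrelevant once a wordlist finds it
    return "not in wordlist", keyspace(password) / guesses_per_second


if __name__ == "__main__":
    for pw, user in (("Ku Ku", "Ku Ku"), ("b4n4n4", ""), ("tR7#qLm2!x", "")):
        print(repr(pw), assess(pw, user))
```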
|
|
|
Mar 14, 2008, 03:00 PM // 15:00
|
#12
|
Wilds Pathfinder
Join Date: Aug 2007
Location: In my peanut brain
Guild: Zomg Zombies [OMG]
Profession: Mo/E
|
Quote:
Originally Posted by Numa Pompilius
Forget it. Doesn't happen.
Not with Guildwars, though. Unless you use the same password everywhere. Which is point 3).
|
If I have your MSN account I can do it. "Most" people use a common email address for most things they do. I don't, however, I work in network security and understand how MSN/X-fire are highly vulnerable programs that give me a little too much info and cut the time needed to nothing.
Once someone has your account and gets in, they normally leave the guild they are in, and join a new guild. One of the first things a hacker does in GW is ask for everyone's MSN account (lol) and they also start asking about prices. Some even start giving away free things that a normal player wouldn't, saying that they are quitting GW or never playing again.
I, so far, have had three people in my guild get hacked. I try to caution everyone I play with to be careful of certain things. I give suggestions about what to avoid.
Passwords are irrelevant when it comes to most things. Attack at the weakest link. If I redirected people that connect to this site, I bet I would have about a hundred accounts in a matter of days. My only advice is to be careful. However, even then bad things happen. You can't always blame people for things that are out of their control.
|
|
|
Mar 14, 2008, 03:14 PM // 15:14
|
#13
|
Grotto Attendant
Join Date: May 2005
Location: At an Insit.. Intis... a house.
Guild: Live Forever Or Die Trying [GLHF]
Profession: W/Me
|
Quote:
Originally Posted by The Way Out
If I have your MSN account I can do it.
|
Huh? You can hack my Guildwars account if you have my MSN account?
|
|
|
Mar 14, 2008, 04:16 PM // 16:16
|
#14
|
Wilds Pathfinder
Join Date: Aug 2007
Location: In my peanut brain
Guild: Zomg Zombies [OMG]
Profession: Mo/E
|
Quote:
Originally Posted by Numa Pompilius
Huh? You can hack my Guildwars account if you have my MSN account?
|
Your MSN account does a couple things for me. One, it gives me an email address of yours. Two, it is like a home beacon for finding your pc on the net. Three, if you are not fully updated, you suffer from exploits through MSN. Same as X-Fire. Most Identity theft starts with the compromise of one password.
I should start a thread on dumb things people do that hurt them in the end...
Example... when you forget your password or want to change it... you ask anet or any other company to send you an email so you can "reset" your password. Most people don't delete the emails and the links can remain active for a period of time....
Anyway, yes, I can normally hack people who give me their MSN account... or yahoo... or err... easiest is myspace. Anyway, sounds like it can't happen, however, everyone leaves footprints on the net.
A suggestion for people in the future is don't use your GW account's email and password on other sites.
Keep a separate email for GW only...
Keep a separate email for just signing up for things...
Keep a separate email for banking...
Keep a.... do you get it now?
Update your systems, especially your browsers and any third party software that you use. You are never fully protected. For that you would have to take a pair of scissors to your cat5 cable.
|
|
|
Mar 14, 2008, 04:54 PM // 16:54
|
#15
|
Technician's Corner Moderator
Join Date: Jan 2006
Location: The TARDIS
Guild: http://www.lunarsoft.net/ http://forums.lunarsoft.net/
|
Hack a Guild Wars account with an MSN/Hotmail/Live/.NET address? I call BS. It can be possible, though not as much as claimed.
Suffering from exploits through MSN and XFire? A "home beacon" for finding the user's pc on the Internet? I'd like to hear about these "exploits" and how it's a beacon.
Quote:
Originally Posted by Numa Pompilius
When you get hacked it's for one of three reasons:
1) You've used an easily guessable password (e.g. username Ku Ku, password Ku Ku).
2) You've downloaded and run a keylogger. Usually these masquerade as cheats or hacks; anyone running crap like that gets what they deserve.
3) You've given your password to someone who wasn't trustworthy. Maybe you've told your brother? Maybe you use the same password everywhere? Maybe you have it written down on a post-it next to your computer at work? Maybe you told the "ANet employee" who mailed you and asked for it?
|
Numa has summed it up nicely.
As I mentioned it's often done by someone who you know and they know you. People don't realize their secret questions for their hotmail is often something that even their friends might know, or can ask and find out that easily.
Your best protection is knowledge. I'm quite confident in my knowledge about computers and the Internet. Even my boss seems to think so, as I'm the head technician at my workplace. I'm so confident in my knowledge of computers and how things work that I don't run an anti-virus at all. I choose to run a firewall because I prefer to see where the programs I use are going to online.
|
|
|
Mar 14, 2008, 05:12 PM // 17:12
|
#16
|
Wilds Pathfinder
Join Date: Aug 2007
Location: In my peanut brain
Guild: Zomg Zombies [OMG]
Profession: Mo/E
|
Quote:
Originally Posted by Tarun
Hack a Guild Wars account with an MSN/Hotmail/Live/.NET address? I call BS. It can be possible, though not as much as claimed.
Suffering from exploits through MSN and XFire? A "home beacon" for finding the user's pc on the Internet? I'd like to hear about these "exploits" and how it's a beacon.
Numa has summed it up nicely.
As I mentioned it's often done by someone who you know and they know you. People don't realize their secret questions for their hotmail is often something that even their friends might know, or can ask and find out that easily.
Your best protection is knowledge. I'm quite confident in my knowledge about computers and the Internet. Even my boss seems to think so, as I'm the head technician at my workplace. I'm so confident in my knowledge of computers and how things work that I don't run an anti-virus at all. I choose to run a firewall because I prefer to see where the programs I use are going to online.
|
There are actually a couple tutorials on how to hack MSN accounts on YouTube. Also, you can call BS all you want, however, it happens. I deal with stuff like this all the time. I am a white hat, though. I am in security. It is important for me to know the how and why. I am not trying to come off like I am some uber hacker... because there is a common misconception with people that are script kiddies and people that understand networking and security. Lastly, I am not deterring from Numa's posts. I am adding that not everyone that gets hacked is to blame. Some people are just victims.
Guild Wars has a small underground culture of people that are very tech savvy. One of them runs this forum. Lastly, I personally know over ten people that were packet hacking awhile back. I think they fail, however, they were into a lot of shady crap. Anyway, I am going to shut up. Apparently I don't know what I am talking about and people are just going to jump to conclusions here.
|
|
|
Mar 14, 2008, 05:49 PM // 17:49
|
#17
|
Wilds Pathfinder
Join Date: Jul 2007
Profession: N/
|
Just don't download key loggers and don't tell your password to anyone.
That's one simple solution to hacking.
|
|
|
Mar 14, 2008, 05:51 PM // 17:51
|
#18
|
Wilds Pathfinder
Join Date: Aug 2007
Location: In my peanut brain
Guild: Zomg Zombies [OMG]
Profession: Mo/E
|
Quote:
Originally Posted by Tamuril elansar
Just don't download key loggers and don't tell your password to anyone.
That's one simple solution to hacking.
|
That is misinformation
|
|
|
Mar 14, 2008, 06:00 PM // 18:00
|
#19
|
Lion's Arch Merchant
Join Date: Nov 2007
Profession: Mo/
|
Quote:
Originally Posted by Tarun
I call BS.
|
I don't. Would you like to compare credentials?
Seeing as how I can think of how to do it right now without really working hard on the thought I'm very positive it can be done, although not as easily as The Way Out is suggesting. It would take a bit of work. It's very scary what someone can do to you with just a tiny little bit of information.
|
|
|
Mar 14, 2008, 06:02 PM // 18:02
|
#20
|
Jungle Guide
Join Date: Dec 2005
Guild: Rebel Rising [rawr]
Profession: A/W
|
Surprisingly, Guild Wars is the one game where I don't hear much about people being hacked. There is rumor about recent hackers using the "easy password" method, where, once they obtain your e-mail account, they will try all common passwords, and if it doesn't work, move on to the next e-mail account. My suggestion is, don't share accounts, and don't have an easy password (use 8+ letters and use both numerals and alphabet letters).
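Added example (not part of any post in this thread): how a login service could spot the "try the common passwords, then move on to the next e-mail" pattern described above, which a per-account lockout counter never sees. The log format, addresses, thresholds and function names are constructed for illustration.

```python
from collections import defaultdict

# Constructed sample log in a hypothetical "time source account result" format.
SAMPLE_LOG = """\
2008-03-14T18:00:01 203.0.113.7 ann@example.com FAIL
2008-03-14T18:00:02 203.0.113.7 ann@example.com FAIL
2008-03-14T18:00:03 203.0.113.7 bob@example.com FAIL
2008-03-14T18:00:04 203.0.113.7 bob@example.com FAIL
2008-03-14T18:00:05 203.0.113.7 cat@example.com FAIL
2008-03-14T18:00:06 203.0.113.7 cat@example.com OK
2008-03-14T18:00:07 203.0.113.7 dan@example.com FAIL
2008-03-14T18:00:08 203.0.113.7 dan@example.com FAIL
2008-03-14T18:05:00 198.51.100.20 eve@example.com FAIL
2008-03-14T18:05:09 198.51.100.20 eve@example.com FAIL
2008-03-14T18:05:20 198.51.100.20 eve@example.com OK
"""


def parse(log_text):
    """Yield (source, account, result) from well-formed lines, skipping the rest."""
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) == 4 and parts[3] in ("OK", "FAIL"):
            yield parts[1], parts[2], parts[3]


def locked_accounts(log_text, threshold=5):
    """Classic per-account lockout: accounts with at least `threshold` failures."""
    fails = defaultdict(int)
    for _, account, result in parse(log_text):
        if result == "FAIL":
            fails[account] += 1
    return sorted(a for a, n in fails.items() if n >= threshold)


def find_spraying(log_text, min_accounts=4, max_fails_per_account=3):
    """Flag sources that fail only a few times on each of many accounts."""
    fails = defaultdict(lambda: defaultdict(int))
    wins = defaultdict(set)
    for source, account, result in parse(log_text):
        if result == "FAIL":
            fails[source][account] += 1
        else:
            wins[source].add(account)
    report = {}
    for source, per_account in fails.items():
        if (len(per_account) >= min_accounts
                and max(per_account.values()) <= max_fails_per_account):
            report[source] = {
                "targeted": sorted(per_account),
                # Accounts this source also got into: reset these first.
                "logged_in": sorted(wins[source] & set(per_account)),
            }
    return report


if __name__ == "__main__":
    print("locked by per-account rule:", locked_accounts(SAMPLE_LOG))
    print("flagged sources:", find_spraying(SAMPLE_LOG))
```

On the sample, the per-account rule locks nothing, while grouping by source flags the one address that touched four accounts and shows which of them it then logged in to.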
|
|
|