The 0.10.1d account changes
Cannot wait for this to be improved as I'm sick of having my account locked every day due to my ISP using dynamic IPs.
Go to play... no password... type it in again... account locked... check email... enter code... unlock account... attempt to play. Sorry, I just cannot be bothered to put up with this to play anything. Will try playing again when this is sorted, but not till then. Goodbye.
Edit: My ISP changes me from city to city every day. Same county so far.
Last edited by Jaknet#1426 on Feb 24, 2013, 3:18:28 PM
MAC addresses are changed far less frequently (usually manually) than IP changes. Maybe this security feature should be based off City + MAC address? /e + IP Range

Someone could easily use a proxy located in the same city as the compromised account. Dynamic IPs don't allow you to base security off of IP. If you base it off MAC address and city, this forces the "hacker" to use the SAME MAC on the SAME network, which will NOT work... the network will not accept duplicate MAC addresses. You could add in IP range as well... like all IPs in the xx.xxx.xx.xxx domain belong to "Cox Cable"... So basically if you check for IP range, this dictates the login request must come from "Cox Cable's" network; next you check to verify the city, and the MAC address of the NIC. If all of these things check out then you're awarded with a successful login.

1) Checking IP range = unique identifier/security measure but also makes "hacker" login on your ISP's network
2) Checking MAC = unique identifier/security measure but also because we made "hacker" login on your ISP's network and the way DNS works the network will refuse duplicate MAC addresses
3) Checking City = unique identifier/security measure

Am I making sense? I just woke up, not quite "all there" yet. :P Thoughts?

Never wrestle with a pig. You'll only get muddy, and the pig likes it!
Never argue with an idiot. They'll bring you down to their level, and beat you with experience!
"De plumber fixes de sync with de wrench." - Robert_Paulson
Last edited by GodlyMe#1920 on Feb 24, 2013, 2:42:29 PM
The MAC addy idea presents its own problems. I move from my desktop to one of my laptops and boom, account locked. So now instead of a different city, you can be locked out by just going to a different room.
Evil Sysadmin
Hey guys @GGG,
The game needs a new, additional and different security layer, which is not based on the keyboard, because phishing programs can easily find out what you typed in when entering the password. The idea is a mouse-click based security feature (like some games already use). When you log in to your account, a window appears with 10 numbers (9-0) on it. The number positions are randomized after every click, so a phishing tool can't know which number got clicked due to the mouse positioning. The password there will/must be a 4 digit number. This will take like 10 seconds for you to type in (guess even less), but it will provide a much tighter security level. So even if the hacker knows your normal password, he can't figure out your number so easily.

After 5 failed tries, your account gets locked for 1 hour and you get an email and a private message in the forum that someone tried to log in 5 times and failed. With this information, you can change your main password and after 1 hour of waiting, you can play again.

In case you forgot your 4 digit number, it would be useless to implement a "Forgot number? We sent an email so that you can change it" feature, because it is highly possible that the hacker would have your email password. The only way to reset your 4 digit number is the support. You have to identify yourself in a way so that GGG can see that that is your account. Then they can reset your digit password and you can choose a new one. Another option would be that you have to type in your mobile phone number when creating an account and, in case you forgot the number, you can receive an SMS with a number/password which lets you reset the digit password. So it's highly recommended that you don't forget it.
http://www.pathofexile.com/forum/view-thread/189267/page/1/#p1668409
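An added example, not code from the thread or from GGG, showing the server side of the click-pad scheme described above: the client only ever reports which pad positions were clicked, the server maps them back through per-click randomized layouts, and five failures lock the account for an hour. Names, the PBKDF2 choice and the injectable clock are my own assumptions.

```python
import hashlib, hmac, secrets, time

MAX_FAILURES = 5       # lock after 5 failed tries, as proposed above
LOCK_SECONDS = 3600    # ... for 1 hour
PIN_LENGTH = 4

def hash_pin(pin: str, salt: bytes) -> bytes:
    """Slow hash so a leaked table does not hand out PINs in clear; the online lockout is the real brake on guessing."""
    return hashlib.pbkdf2_hmac("sha256", pin.encode(), salt, 100_000)

def shuffled_digits() -> list[int]:
    """One pad layout: layout[position] == digit drawn there. Fisher-Yates with a CSPRNG."""
    digits = list(range(10))
    for i in range(9, 0, -1):
        j = secrets.randbelow(i + 1)
        digits[i], digits[j] = digits[j], digits[i]
    return digits

class PinAuthenticator:
    def __init__(self, pin: str, clock=time.time):   # clock is injectable for testing (assumption)
        self.salt = secrets.token_bytes(16)
        self.pin_hash = hash_pin(pin, self.salt)
        self.clock = clock
        self.failures = 0
        self.locked_until = 0.0
        self.layouts = None

    def new_challenge(self) -> list[list[int]]:
        """One fresh layout per click: the client draws layouts[0], then layouts[1] after the first click, etc."""
        self.layouts = [shuffled_digits() for _ in range(PIN_LENGTH)]
        return self.layouts

    def submit(self, positions: list[int]) -> str:
        """Client reports clicked pad positions only; returns "ok", "rejected" or "locked"."""
        now = self.clock()
        if now < self.locked_until:
            return "locked"
        layouts, self.layouts = self.layouts, None       # a challenge is single-use
        if layouts is None or len(positions) != PIN_LENGTH or any(not 0 <= p < 10 for p in positions):
            return "rejected"                             # malformed, not counted as a guess
        entered = "".join(str(layouts[i][p]) for i, p in enumerate(positions))
        if hmac.compare_digest(hash_pin(entered, self.salt), self.pin_hash):
            self.failures = 0
            return "ok"
        self.failures += 1
        if self.failures >= MAX_FAILURES:
            self.failures = 0
            self.locked_until = now + LOCK_SECONDS
            return "locked"     # the proposal also emails / PMs the owner at this point
        return "rejected"
```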
I think there is a plausible way, mainly using (b). How? Make trades official, secure, and verifiable.

Imagine that (b) case you presented. Player A and B want to trade. Player A wants to sell item X for 1 exalted orb. Player A and B trade, player A gets an exalted orb, player B gets item X. You say that then player A will complain to customer support that his item X was stolen, right? You say he'll make a "convincing" case, thus convince support to restore his item X. This would mean player A would have both an exalted orb AND his item X, while player B would see his item instantly disappear, right? But imagine there's a "Trading log" for every trade for every player. Imagine in your server, customer support has access to every trade Player A did. When Player A makes the "convincing case", support checks all his trades, and will see that Player A actually traded item X with Player B, thus not believe his claim. So, if a player wants to "fake" having his items stolen he won't be able to.

The other problem would be seeing how an ACTUAL item stealing would take place, right? So, let's see if I get this right: someone hacks your account. When said account is hacked, they trade item X with their real account, thus "stealing" items, right? It would theoretically be possible for Player A to trade with Player B, but then call support and say that Player B hacked his account and "stole" his item, right? Okay, first of all, if support can "see" the actual trade, they will see Player B gave Player A an exalted orb. We should assume that when someone "steals" your items, they don't give anything to your account back, other maybe than 1 Scroll of Wisdom or something, right? This should already raise some bells that Player B DID NOT in fact "steal" his item X. Thus if someone was actually hacked, they'll see a recent trade in which he basically gave his item for free, which would be more believable.

If you still think that may have some problems (maybe Player A giving away item X for free to player B, then calling support and saying B stole his item or something just to piss B off and get him banned or something) then maybe there can be more security in trades? How about a trade password? A password you need to input every time you make a trade? This password would be different than your account one, and it would also be tied to your email. So if you forget it, it's sent to your email for you to see, etc. (basically how every "forgot your password?" thing works). This way, even if your account gets hacked, nobody can "steal" your items. Would something like this work perhaps?
+1 for Magus. Similar, swipe and click method like many Smartphones use.
Gonzaw, tell me what happens if player A invites a player B who's a friend of player A, and player A just drops an item on the ground; player B gets the item, player A files a complaint, receives the new item, then gets the old item back from player B and ends up with 2 items.

A nice approach to keep your items would be the possibility to account-bind your godly pieces, using a "seal" orb or a similar mechanism. These items will not be tradeable, you will not be able to drop them or sell them to NPCs, not able to use orbs on them either. In which case, you will only have to worry about your whole account being stolen. With a smartphone authentication app added at some point, people will also be able to reclaim stolen accounts, with their bound items.

Other ideas proposed are good too, but I think global solutions would be more fitting, such as using the mobile app to entirely lock your account access, until you use it again to unlock access (this could also be used for parental control and willingly restricting your playing hours, a nice feature no game has, that I know of). Also a FB / Google approach of the player permanently activating and deactivating device access (combination of hostname+MAC address, not combination of city and IP -- this will create more issues in both playability and security) would be a must-have. Device verification should be done via email or the mobile app. The current model, using single device redundant access / locking, is bad, both because many devices may need to be authenticated permanently and because IP and city combination is not a specific device identifier, whereas MAC and hostname are (as long as there is sufficient control for proxied connections). Same for resetting the password. The revised security model has to be both tight and user-friendly, using gradual steps of optional protection.
Last edited by aryosgr#3381 on Feb 24, 2013, 5:00:53 PM
No. The (b) approach explicitly says the item is destroyed and given to the original owner. In that case, B's "old item" gets destroyed and A gets the original item. Everything is as it was originally (A has the item, B has nothing).

EDIT: I'm addressing the issue the devs posted about, which was that (b) made trading "unreliable" because items you trade with can instantly disappear if the guy you traded with claims that item was stolen. I'm trying to figure out ways that's not a problem, thus you can use (b) for people that got hacked and their items actually stolen.
Last edited by gonzaw#3022 on Feb 24, 2013, 5:45:53 PM
Such a solution is still practically impossible, because the required server logs could be tens to thousands of database-stored transactions per day in a few weeks, given the current growth of the player base; plus it could require item tracking. Even using a weekly to monthly log data truncation or archiving, the implementation would still be paranoid. And the more practical issue, like you said, is differentiating between a legitimate trade and a false claim. Instead, the problem must be addressed at its root, that is being able to tell when a login was unauthorised, thus cancelling all transactions after this login, even if this means introducing the usage of temporal trade logs. Even better, prevent unauthorised logins, by using a secured device access list.

Because, even if an account was really stolen and the trade is cancelled, still, the user who purchased the stolen item could be a legitimate user, thus offended by the rollback. And if this happens frequently, it would mean a) users leaving the game because their account was stolen, b) users leaving the game because they had a trade rollback, even if they purchased a stolen item without knowing. It is the actual account hijacking that needs to be addressed and not use measures which do nothing to solve the problem and will also be server-taxing.

Furthermore, after an account is stolen and a stolen item is sold, even if the trade is cancelled, the orbs from the purchase can be laundered, by tunnelling them through multiple other accounts, exchanging them with equivalent orbs and in the end accumulating a mix of 30% stolen and laundered money and 70% of real money from other users (exchanged for the money of the 1st trade) to a central account of the hacker. This will both a) do no justice for the hacker, he will have his money, even after the item is returned to the original owner, b) create inflation, because you now have the item AND its money equivalent pushed into the game economy.

This is not very much different than if the item was dropped again by a monster, but speaking of godly, very rare drop items and such an exploit happening frequently, it could introduce a model which could cause inflation. Normally, it would cause the opposite, but this will be accumulated money for purchasing the best items and not money directly flowing regularly into the economy. Hence, the shortage in goods will lower the prices, so the rich hackers buy them cheaper and after some point their surplus in godly items will increase the prices a lot. So for me, no item returns, just prevent account hijacking.
Last edited by aryosgr#3381 on Feb 24, 2013, 6:57:05 PM
Do you back data up? Or keep any sort of record of logins? Would it be so difficult to do a rollback?
Because, it is clear that you fucked up and we suffered for it. To give us nothing but a big "fuck you" in return is the shoddiest of policies. We've sunk time and money into your game, and now we're left to deal with your mistakes. Take some responsibility and deal with your own mess in a better way, don't just disregard your customers. I don't care about the few orbs that I lost, but it's the principle that matters. If you're not going to restore anything because you're afraid of a little bit of duping, false claims, and upsetting the "economy", why don't you do an event with more useful rewards? Throw a decent MF ring in there somewhere. Why not ask for players to volunteer to help you deal with legitimate cases? Surely, there is something more constructive you can do than turn your back and shrug the problem off. There's a fair solution that works for everyone, that is, if you've got the imagination for it.
Wait wait wait. One thing is that it's "impractical" to use this solution because you need lots of databases to store the logs and stuff, but another issue is whether this solves the specific problem the devs thought giving back stolen items (to accounts that were indeed hacked) would bring. Also you can make the logs erase themselves after 1 week or something. You would normally notice your account was hacked before 1 week has passed, thus be able to check all the trading history of your char in that span.

Another thing would be detecting if someone got hacked if you see him trading all of someone's orbs at the same time. Just like some ATMs don't let you draw more than X amount of money (in case someone forces you to take money out or someone steals your card+pin), you can make it so per day you have a limit to what you can trade or "give away". I dunno, the thing is that if indeed someone gets hacked, there are viable solutions for GGG to give item returns. Yeah some may be costly, some may be "annoying", but it's what you've got to do to please your player base.
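An added example, not code from the thread or from GGG, that puts gonzaw's two checks from this post and his earlier one into working form: support reading a trade log to see what the claimant got back from the counterparty (a paid trade versus an item handed over for nothing), and an ATM-style cap on value given away per day. The ledger, the orb values and the threshold are constructed sample data.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Trade:
    tid: int        # ledger id
    ts: int         # unix seconds
    giver: str      # account that handed the item over
    receiver: str
    item: str
    value: int      # rough market value in chaos-orb units (constructed, not real prices)

# Constructed sample ledger. Trades 1+2 are a normal paid trade; trade 3 is an item handed
# over for a Scroll of Wisdom, the pattern gonzaw describes for a hijacked account.
LEDGER = [
    Trade(1, 1000, "A", "B", "item_x", 100),
    Trade(2, 1001, "B", "A", "exalted_orb", 100),
    Trade(3, 5000, "C", "D", "godly_sword", 400),
    Trade(4, 5001, "D", "C", "scroll_of_wisdom", 0),
    Trade(5, 5100, "C", "D", "chaos_orbs_x50", 50),
]

def counter_value(ledger, trade, window=60):
    """Value the giver received back from the same counterparty within `window` seconds."""
    return sum(t.value for t in ledger
               if t.giver == trade.receiver and t.receiver == trade.giver
               and abs(t.ts - trade.ts) <= window)

def assess_claim(ledger, claimant, item, fair_fraction=0.5):
    """Support-side check of 'my item was stolen'. Returns (verdict, trade id)."""
    outgoing = [t for t in ledger if t.giver == claimant and t.item == item]
    if not outgoing:
        return ("no_transfer_in_log", None)
    t = max(outgoing, key=lambda x: x.ts)            # most recent hand-over of that item
    if counter_value(ledger, t) >= fair_fraction * t.value:
        return ("paid_trade_claim_rejected", t.tid)  # the log shows the counterparty paid
    return ("given_away_for_free_theft_plausible", t.tid)

def exceeds_daily_giveaway(ledger, account, now, limit, window=86400):
    """ATM-style cap: total value the account handed out in the trailing window."""
    out = sum(t.value for t in ledger
              if t.giver == account and now - window < t.ts <= now)
    return out > limit
```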