Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 Internet speed test! ×

Comment Re:If you can install a keylogger, you've already (Score 2, Interesting) 248

So you're going to pay someone to sit there waiting for a 30 second window in which some random compromised account logs in? That just doesn't make sense. Even at Chinese farmer rates.

Why pay somebody to sit in front of a computer? It can all be automated. The receiving program automatically logs in, and then pages, messages, whatever, the person to come clean out the account. Also, there are bots to automatically clear out guild banks, sell things, etc. I don't think that the thieves consider themselves bound by Blizzards ToS. This just makes their lives a bit more difficult, but nobody said gold selling was easy.

Comment If you can install a keylogger, you've already won (Score 1) 248

I'm not sure that adding the authenticator will fix the problem of hacked accounts, it will just put things off until the thieves come up with a new system to break in.

If they can install a keylogger on your computer it should be easy enough for them to install a fake WoW login app. Put up the login screen, pass the username, password, and authenticator value to themselves, and give the hacked user a login error, realm is down error, or some such. Take the information and login to the account in the minute or so before the authenticator value expires.

Once the thief is in, it only takes a few minutes to sell gear and mail the gold. Login and realm servers being down occurs frequently enough that most players wouldn't suspect anything was going on if they're locked out for 30 minutes, which is more than enough time to for the thief to wipe out an account.

This is not a new idea, but one that has been floating around for quite some time as a method to access bank accounts, etc. which require some sort of authentication token.

BTW, if you put an authenticator on your WoW account you get a nice in game pet. If you remove the authenticator from your account, Blizzard removes the pet from your characters.

Slashdot Top Deals

The solution to a problem changes the nature of the problem. -- Peer