 | | 
06-28-2008, 09:04 AM
|  | living the clean life | | Join Date: Dec 2005
Posts: 14,882
| | | What if a list of the serial numbers leaked or someone opened the box without buying it or someone bought it then returned it or someone randomly guesses the serial number(s)
__________________  |
06-28-2008, 09:33 AM
|  | ALTMAN BE PRAISED | | Join Date: Apr 2006 Location: Ohio
Posts: 4,923
| | Quote:
Originally Posted by CmdrTulkas  What if a list of the serial numbers leaked or someone opened the box without buying it or someone bought it then returned it or someone randomly guesses the serial number(s) | I highly doubt someone is going to go to the store and buy a ton of them just to write their serial number down and return it.
And while someone can probably create a serial number generator, it wouldn't help much because a specific serial number is tied to a specific account. So even if someone did buy one and return it, there would be no way that person would know who's account it belongs to.
Stores like Best Buy and other places don't re-shelve purchased games or items with serial numbers.
__________________  |
06-28-2008, 11:41 AM
|  | The Tux | | Join Date: Nov 2004 Location: Inside The StrafeRight.com Webserver.
Posts: 11,135
| | Quote:
Originally Posted by Dopefish You know, for the security this provides, it really is priceless. This will guarantee that no one besides you will ever be able to log in to your system.
I was trying to think of ways hackers can get around this, and while it is possible, it would require direct access to the device. First, writing a simple device emulator would get around the detection of the device. Second, you would need to generate a number which probably uses the serial number of the device as a seed. You can be sure the algorithm used in all devices is exactly the same, so the only unique thing with the devices are the serial numbers. So the way someone would be able to get into your account is gaining direct, physical access to the device you have, write down the serial number, and then work from there. If you do buy one of these, it might be worth it to peel the serial number sticker off of it and store it somewhere safe. If you take that device to work, or friends' houses, they'll easily just be able to look at it and write it down.
You may think this would be complex for the average person, but hackers will probably just make the emulator and such and put it up for download. All it would require then is for some dumb kid to download that software, punch in the serial number, and have it generate the information.
No matter what, though, this will easily make your account much more secure. I don't play WoW, but if they offered this for any of games I play, I'd have no problem throwing down a one time fee of $7. | Yeah, I would pay $7 for a device like this too...
As far as cracking into it... I've never heard of the RSA SecurID's being cracked... I'm sure someone has found a way, but the fact is... It is so complex that there is no point in trying to do it to jack wow accounts... If you can do that type of thing you could target larger companys.....
__________________ 
"Teck will be working on God's forum" -VincentVega
"...and I like killing zombies and Cap'n Crunch. you put those two together and you've got one LETHAL-ASS good time combo" -DanFortH
"An SQL query walks into a full bar and sees two tables in the corner, so he walks up to them and says... `Mind if I join you?`" -Evill
"teck is the noobest leet guy I've ever met" -CoffeeShark
|
06-28-2008, 11:43 AM
|  | Note: Huge Success | | Join Date: Mar 2006 Location: New England
Posts: 25,202
| | | Banks do just exactly this with Commercial accounts. My boss has a little thing that gives 6 digits, which change over time. Obviously you need them to log in to online services.
What you'll find is that any neat technology like this usually comes from big industry first before it trickles down into entertainment :O
__________________  |
06-28-2008, 11:56 AM
| | ALTMAN BE PRAISED | | Join Date: Apr 2006 Location: Ohio
Posts: 4,923
| | Quote:
Originally Posted by Teck As far as cracking into it... I've never heard of the RSA SecurID's being cracked... I'm sure someone has found a way, but the fact is... It is so complex that there is no point in trying to do it to jack wow accounts... If you can do that type of thing you could target larger companys..... | They don't have to crack it. They just replicate the encryption. If it uses RSA to encrypt it and generate the codes, they simply feed it the seed and generate a valid set of numbers that can be used. This isn't the same as decrypting it.
And Vega, we do use something similar at the bank I work at, but they're a bit more complicated and they don't just involve accessing a site and punching in numbers; they're actually needed to log in to work systems and do various things throughout the day. The amount of security in place at banks is kind of ridiculous.
__________________ |
06-28-2008, 12:21 PM
| | The Tux | | Join Date: Nov 2004 Location: Inside The StrafeRight.com Webserver.
Posts: 11,135
| | Quote:
Originally Posted by VincentVega Banks do just exactly this with Commercial accounts. My boss has a little thing that gives 6 digits, which change over time. Obviously you need them to log in to online services.
What you'll find is that any neat technology like this usually comes from big industry first before it trickles down into entertainment :O | Yeah... I had a SecurID while i was working for this one company... It was neat  Know what... I still have it too... lol
__________________
"Teck will be working on God's forum" -VincentVega
"...and I like killing zombies and Cap'n Crunch. you put those two together and you've got one LETHAL-ASS good time combo" -DanFortH
"An SQL query walks into a full bar and sees two tables in the corner, so he walks up to them and says... `Mind if I join you?`" -Evill
"teck is the noobest leet guy I've ever met" -CoffeeShark
|
06-28-2008, 12:38 PM
|  | Worst. Player. Ever. | | Join Date: Apr 2006 Location: Oregon
Posts: 8,288
| | | The one thing that I have against it is that they should be giving this away for free. Look at the people who this is geared toward, they are the people who have put >3k hours on it, and probably around $450 into the game.
That more than covers the cost of this device. Sure its a great security item (SecurID is well secure), but for whom its targeted $6.50 is $6.50 too much. I think what Blizzard should do is give it away to the players who have logged a certain amount of hours (500+) or a certain amount of months game-time (1.5-2 years).
__________________ Desktop E6700 ES @ 3.25Ghz (Zalman 7700cu) | XFX 4830 | Gigabyte P965-S3 | 2x2GB OCZ "Vista Upgrade" RAM |
1TB Segate SATA2 HD| Sound Blaster Audigy 2 | Antec 300
Laptop Thinkpad T42P | Pentium M 745 "Dothan" 1.8Ghz | 1GB DDR-2700 | Mobility Radeon 9000 32MB | 80GB
4200 RPM Drive | 14.1 XGA LCD | Intel 2200BG Wifi+Bluetooth |
06-28-2008, 12:44 PM
| | ALTMAN BE PRAISED | | Join Date: Apr 2006 Location: Ohio
Posts: 4,923
| | | That means nothing.
It's an optional device and you don't need it. Why would they waste all that money sending it out to people who aren't going to use it? Then once they send it out to all those people, they now have to provide free support for all the idiots that can't figure out how to use it, which will cost them money.
I don't think they should hand it out for free just because some person has no life and puts 80 hours a week into the game. Everyone pays the same price monthly.
__________________ |
06-28-2008, 12:50 PM
| | The Tux | | Join Date: Nov 2004 Location: Inside The StrafeRight.com Webserver.
Posts: 11,135
| | Quote:
Originally Posted by SonicSpeed The one thing that I have against it is that they should be giving this away for free. Look at the people who this is geared toward, they are the people who have put >3k hours on it, and probably around $450 into the game.
That more than covers the cost of this device. Sure its a great security item (SecurID is well secure), but for whom its targeted $6.50 is $6.50 too much. I think what Blizzard should do is give it away to the players who have logged a certain amount of hours (500+) or a certain amount of months game-time (1.5-2 years). | Its completely optional and its a one time $7...
That is NOTHING for someone who has put so much time into the game...
__________________
"Teck will be working on God's forum" -VincentVega
"...and I like killing zombies and Cap'n Crunch. you put those two together and you've got one LETHAL-ASS good time combo" -DanFortH
"An SQL query walks into a full bar and sees two tables in the corner, so he walks up to them and says... `Mind if I join you?`" -Evill
"teck is the noobest leet guy I've ever met" -CoffeeShark
|
06-28-2008, 05:03 PM
| | Worst. Player. Ever. | | Join Date: Apr 2006 Location: Oregon
Posts: 8,288
| | Quote:
Originally Posted by Teck Its completely optional and its a one time $7...
That is NOTHING for someone who has put so much time into the game... | True, then again I've never played WoW so I wouldn't know.
As for Dopefish's point, what I should have wrote is that it should be free for people who want and have put a certain amount of time into it.
__________________ Desktop E6700 ES @ 3.25Ghz (Zalman 7700cu) | XFX 4830 | Gigabyte P965-S3 | 2x2GB OCZ "Vista Upgrade" RAM |
1TB Segate SATA2 HD| Sound Blaster Audigy 2 | Antec 300
Laptop Thinkpad T42P | Pentium M 745 "Dothan" 1.8Ghz | 1GB DDR-2700 | Mobility Radeon 9000 32MB | 80GB
4200 RPM Drive | 14.1 XGA LCD | Intel 2200BG Wifi+Bluetooth | | |
| Tags | account, authenticator, blizzard, invitational, login, secure, stolen, theft, world of warcraft, worldwide, wow  |
Posting Rules
| You may not post new threads You may not post replies You may not post attachments You may not edit your posts
HTML code is Off
| | |
|
