Hacked Accounts

"
mkmaddage wrote:
"
MacantSaoir wrote:
You've not challenged a single point of anything I've said? They were told it would happen, there was a simple preemptive solution to prevent it happening which EVERYONE knows about (authentication) and it was not taken.
...
Complacency that's why. The only answer to it. So now they get to feel the rage of *insert number* gamers because of pure complacency. As I stated prior, I refuse to further support the game with more players or currency until this severe oversight is addressed.


I have indeed challenged "a single point" - that of assumption.

So, fair call - authentication is the solution that would have preemptively dealt with the issue. You were right.

What I am challenging is your assignation of motive to GGG's decisions. Now you're saying they were complacent and it's "the only answer". What about lack of resource? Chris said to some dude that they were taking stuff onboard but that doesn't mean that at crunch time, when the player base was whining because Open Beta was already delayed, they could afford the resource to fix issue no. 666. There are enough people whining that desync should have been top of the list. Who's whine should top the list? Wouldn't it be a great exercise to watch this community try and run a group endeavour of the scope of PoE.


Dsycn wasnt that much of a problem in CBT as i already stated, there were some mild annoying occurences from time to time, but nothing on scale to what we have been experience. The quality of the game hasnt been this low in a long-long time in regards to performance. They had to buy servers directly before launch because they werent prepared for the volume of users they were going to have. That's bad foresight, but understandable. You can't really predict the amount of people going to break your game at launch. This is true for almost every popular online game. All their servers get shit on, all of them (if your game is mildly popular) and its a hard thing for companies to accurately predict. As well as concurrency rates of users is hard to predict as well.

What wasn't hard to predict, what was a guarantee is that hackers would come, and they would loot and pillage. They did it in D2, they even duped in D2 before the loophole was closed. Why did they? because money thats why.

If you have a game that requires farming, and a game that has a strong use for currency and trading, you will be targeted 100% guarantee. There is no denying that at any point. Some men just want to watch the world burn, however the majority just want profit. If they can prosper they will attack.

The failure to be prepared for hacking, is completely different than the server issues. While both are equally important to the health of the game, each have different responses required of them.

The server issues are obviously mostly reactive, however the hacking problem should have been proactive and wasn't, and now its reactive and they get to deal with the consequences of that, as do all the users who were targeted with the hacks. That's the difference, and it's a huge one.
Last edited by MacantSaoir on Feb 21, 2013, 12:48:00 AM
I have my passwords set to phrases that no one in there right mind would ever have the guts to type out. For example-
1.JustinBieberIsMyHero
2.RebeccaBlackIsHot
3.Diablo3GOTY
And so on. Following my strategy will be a sure-proof way to not get hacked. :D
ive been reading through this and i just want to point out to people that say im running XXX anti-virus/malware programs..

you do know those work off virus's/spyware that have been detected and uploaded to your virus definitions.

so you saying you dont have a keylogger on your pc could be complete lies, as a hacker could write a new coded virus, and it would go undetected on your pc for ages before your anti-virus/malware program was updated with it.
IGN: Yunboro_
Last edited by ChemicalBurns on Feb 21, 2013, 12:56:11 AM
"
MonstaMunch wrote:



Given that it's entirely possible that a lot of the recent hijackings were no fault of the end user, it creates a bit of an awkward situation, don't you think?



"
Charan wrote:
Indeed it does...if you can prove that there's no fault on the end user's behalf.

Which is amazingly difficult.



Charan, you're not a fool, so I'm not going to point out the absurdity of requiring people to prove a negative. You know it can't be done.

The fact is, the account was hacked, and it was restored. You can argue that it isn't a hack, but it is clearly covered in the list of things Chris warned us to be careful of. It was a form of phishing. The only difference between this and other accounts that were lost to fraud is that GGG have admitted to it being their fault.

It's still subject to all the same logical arguments that Chris gave in his post. While you and I both know Prozon is one of the good guys, he could have died, then got one of his friends to fool GGG support so that everything gets restored. It's exactly the same justification that was given for not restoring accounts and you know it.

Edit: I'd also add that Prozon wasn't "required" to prove anything. If he was, he wouldn't have his stuff back. He got it back because GGG were honest enough to admit their mistake.

Edit 2: The exact line from the other stickied hacking thread is "unfortunately, we cannot restore any items lost to theft", it was in bold, and repeated twice in different wording during the same post. I guess "cannot" vs "will not" isn't really worth quibbling about, because they did it anyway.
Last edited by Foreverhappychan on Feb 21, 2013, 1:15:12 AM
"
MonstaMunch wrote:

Edit 2: The exact line from the other stickied hacking thread is "unfortunately, we cannot restore any items lost to theft", it was in bold, and repeated twice in different wording during the same post. I guess "cannot" vs "will not" isn't really worth quibbling about, because they did it anyway.



This, theft is theft no matters who's at fault. Again, more lies from GGG IMO.
"Unfortunately, we cannot restore any items lost to theft." Unless you are a well known streamer then we will do anything for you.
"
MonstaMunch wrote:


Charan, you're not a fool, so I'm not going to point out the absurdity of requiring people to prove a negative. You know it can't be done.

The fact is, the account was hacked, and it was restored. You can argue that it isn't a hack, but it is clearly covered in the list of things Chris warned us to be careful of. It was a form of phishing. The only difference between this and other accounts that were lost to fraud is that GGG have admitted to it being their fault.

It's still subject to all the same logical arguments that Chris gave in his post. While you and I both know Prozon is one of the good guys, he could have died, then got one of his friends to fool GGG support so that everything gets restored. It's exactly the same justification that was given for not restoring accounts and you know it.

Edit: I'd also add that Prozon wasn't "required" to prove anything. If he was, he wouldn't have his stuff back. He got it back because GGG were honest enough to admit their mistake.


Actually it was a good old con job, done mostly by hand. There was absolutely nothing Prozon could have done to avoid it, and the fault was 100% GGG's. Now that we've established that, it's easy to see the difference between what happened with Prozon and what is happening with others. With all the others, the password was stolen somehow -- and of course we can't say how. In this one case, the password was stolen directly from GGG and thus GGG can find out from whom. The sheer amount of verisimilitude to the Prozon case makes it almost open-shut. Almost.

Yes, it could have been a situation where Prozon and a buddy got together and formulated a way to 'steal' all of Prozon's goods and then delete, etc etc. But as long as GGG can identify through personal interaction when the theft took place and acknowledge it was their fault, then I think a full restoration is more than warranted.

I'm not a fool and as such I can see why GGG would own this mistake but remain distant from far less clear-cut cases. Was this phishing? Not really. It was entirely too personal. Someone didn't pluck Prozon's password from another site, etc. It was, however, fraud.

I understand where you're coming from but I implore you -- today is not a good day to be Chris Wilson. They've been working extremely hard on the race schedule only to be attacked by people from various time zones for whom the schedule is not advantageous (hey, I used to get up at 6am on a sunday to race...). People have been hacked and did you notice that Chris actually responded to a lot of their threads, and made a few statements?

Why not let the less-enlightened people here do the attacks and ease off for a bit, see what happens next?

For the record, if I were hacked and lost all my stuff, and then this Prozon thing happened, I'd see the difference and not ask to have my gear restored. That is how confident I am that these are very different circumstances.
Warhammer 40k Inquisitor: where shotgunning is not only not nerfed, it is deeply encouraged.

Dogma > Souls, but they're masterworks all. You can't go wrong.

I was right about PoE2 needing to be a separate, new game. It was really obvious.
"
MonstaMunch wrote:
Edit 2: The exact line from the other stickied hacking thread is "unfortunately, we cannot restore any items lost to theft", it was in bold, and repeated twice in different wording during the same post. I guess "cannot" vs "will not" isn't really worth quibbling about, because they did it anyway.


That one I will concede. They should have said 'will not'. But in their defence, there are many times where people say 'I can't help you' which is obviously bullshit. What they really mean is 'it wouldn't do any good to help you' or 'that's too much out of my way to help you.' Not saying that's what GGG means here, just that 'can't' isn't always about ability. Sometimes it's about feasibility.

So let's look at the whole paragraph:

"
Chris wrote:
Unfortunately, we cannot restore any items lost to theft. One of the most important things about Path of Exile is its online economy, and if we performed restorations on demand then the economy would be flooded with duplicated items. We've seen this in other games (where the game companies restore compromised items and create a massive economic problem in the game).


The Prozon incident was noted as completely isolated and quite unusual. It was a con job targeting a high profile player. I'm not even sure if the person who perpetrated it expected to get away with it; it's a hell of a good way to dicredit GGG.

So restoring Prozon's stuff was as much an attempt for GGG to save face as it was for them to do the right thing. The theft was obvious. It wasn't some faceless bot or mass password phish. It was personal and GGG fell for it.

And yes, I am sure that Prozon's 'fame' had something to do with it. It makes him a target and it also means that if he is screwed over by GGG's error, people are going to see. That said, I believe if this had happened to anyone else, GGG would have reacted in the same way, albeit much more quietly. A famous streamer was carefully attacked and part of that attack involved duping GGG. I don't think we can separate 'famous streamer' from the type of attack, in fact.

This was not in any way an attempt to set a precedent for restoring stolen items wholesale. Chris made that very clear too.

But what exactly were his options?

Someone at GGG messed up, got fooled, and a high profile streamer had his progress erased. This is a known fact.

Option 1: don't restore anything, citing the line you have quoted. Given this happened without Prozon's knowledge and, again, GGG *knew* it was their fault entirely, I don't see that as an option. It's morally corrupt to not fix an error of that magnitude, even though they are well within their rights to just say fuck it, that's our rule. Even though. it. Was. Our. Fault...yeah, I don't see that happening.

Option 2 (taken): restore prozon's items, explain very clearly why this one case demands that the 'cannot restore items' claim be superseded by the 'we fucked up, and we can fix it' clause, and accept that other people who have lost their gear lately in much less transparent cases will want the same treatment. Collateral damage: you're going against your word regarding not restoring stolen items; you're pissing off people who have been hacked but aren't Prozon, even though Prozon wasn't hacked, he was a victim of personal fraud.

Option 3: restore prozon's items, revoke the 'cannot restore items' rule and start to restore all the lost gear to everyone who has been hacked. Even though you've made it clear that this can result in a flood of duplicate items. This would make the players happy, no doubt, but it'd definitely wound the economy. It'd hurt the game.

...So which would you choose? Be a hardass despite your fuckup, own your fuckup in one clear case but stick to your digs where you believe you didn't fuck up, or own your fuckup and, hell, while you're at it, make everyone else happy too, even if that is completely against how the game should operate?

Warhammer 40k Inquisitor: where shotgunning is not only not nerfed, it is deeply encouraged.

Dogma > Souls, but they're masterworks all. You can't go wrong.

I was right about PoE2 needing to be a separate, new game. It was really obvious.
Last edited by Foreverhappychan on Feb 21, 2013, 1:36:47 AM
Fraud or what ever name you want to give it, it's still theft. And they clearly say any items due to theft.
"Unfortunately, we cannot restore any items lost to theft." Unless you are a well known streamer then we will do anything for you.
All my stuff is gone. I'm not a high profile player by any means.

My stash is gone...

Charan, I completely understand your point, but unfortunately, you're contradicting yourself.

It is now a well known fact that the recent hacking is contributed by some security exploits on GGG's sides, not the players. Shouldn't it be indirectly referred to be GGG's fault? and by that argument, and your opinions on this recent fiasco, it is only natural for GGG to restore all of the hacked users items, right? Since, technically, it was GGG's fault, phishing or not. Worse, it is a security exploits.

And believe me, I think it was a very bad move itself to rather prioritize one single famous person than the majority of the hacked users. Are they expendable because when they play, no people would watch their stream? Or attract another users? Wrong. Eventually, those hacked players would think bad of GGG's ways of handling this, and started the word of mouth that "GGG only caters to the streamers while we the simple players was ignored and treated as a "unimportant" person."

Also...

Call me a tinfoil lover, but something is definitely amiss with this prozonguy case. GGG said, it was phishing attempt and the fault was on GGG side, thus restoring the account. But, what proof they have on this case? What if this prozonguy was hacked in the same manner as everyone, and GGG attempts to cover it up by making it looks like mistake on their side?

If my theory above is true, which I never hoped to, then all of us here are not safe. Your exalts, as we know it, could disappear in a blink of an eye anytime soon.

Report Forum Post

Report Account:

Report Type

Additional Info