0.9.13m Patch Notes

Version 0.9.13m
  • Added encryption to the game protocol.
  • There are now multiple redundant patching servers and login servers for each gateway in preparation for Open Beta.
  • Fixed a bug where toggling trade chat would sometimes not work correctly.
  • Fixed a bug where you couldn't join a town if vast numbers of other players were joining at the same time.
Lead Developer. Follow us on: Twitter | YouTube | Facebook | Contact Support if you need help!
"
Punkonjunk wrote:
Bug you referring to, is it how the checks/unchecks don't clear when you type a # or $? because that's sweet.


Yep
Lead Developer. Follow us on: Twitter | YouTube | Facebook | Contact Support if you need help!
"
Dreggon wrote:
Encryption?

Can you tell us just what sort of underhanded hackery we're allowed to get up to in Closed/Open beta?


We're preparing the banhammer for people who engage in underhanded hackery in OB :P
Lead Developer. Follow us on: Twitter | YouTube | Facebook | Contact Support if you need help!
"
Zoxc wrote:
"
exorzist wrote:
"
Zoxc wrote:
You can now play without people sniffing up your passwords, hopefully.


I assume it refers to
"Added encryption to the game protocol."

But wait, this was possible before?

Yes, and this was made worse by the fact that you couldn't recover accounts using your email address (which you still probably can't do). Now both the website and the game protocol encrypts your password.

You now need to infect the users computer or bribe GGG employees to access users passwords.


Even if you bribe us you would not be able to get the users password. We don't store them. We store salted multi-round hashes.

In addition, I feel it's slightly misconstrued to say that you could sniff passwords before. What you could sniff before was a hash of the users password (which is what the game client sends and what it stores when you use the Save Password feature).

This means that sniffing the PoE game connection previously would have been enough to steal a Path of Exile account, but that doesn't give away the actual text of your password which you might be using for other things.

In any case, the protocol is encrypted now.
Path of Exile - Lead Programmer

Report Forum Post

Report Account:

Report Type

Additional Info