There is a craze at present in Italy, (where I live), about recycling. It’s the big new thing. Everyone needs to recycle because it’s “good”, which then means if you don’t recycle you are “bad”. Apart from glass, I don’t recycle. There are a number of reasons for this, but it’s mainly to do with the fact that I am not a lazy brain duped moron. And furthermore, I refuse to buy in to the enormous con that is recycling. Recycling is one of those things that makes people feel good, like they are actually doing something, when in reality they are doing fuck all. I went to a dinner party at a friends house here in Italy a few months ago. They are proud recyclers. Their small 50 square meter apartment is full of recycling bins for different products, (nothing like turning your house into a garbage dump to make yourself feel good). They went on and on about recycling, as did the other guests, while I sat through it because I was hungry. Then they served dinner on plastic plates, with plastic utensils, and plastic cups. So they didn’t have to waste time washing up.
But they recycle, so it’s all okay, right?
Recycling is a mistake for two reasons. Firstly, it is looking at a problem in the wrong way. We shouldn’t be focused on recycling as much as we should be focusing on our daily habits that lead to the build up of garbage. I don’t recycle because I have very little recyclable waste. I do most of my shopping at little markets, or buy direct from the producer. I try to buy whatever I can in glass. I am not going to take up half my home to divide material waste, (particularly as I have first hand knowledge that most of it gets tipped in all together at the final destination, but that’s another story).
The second mistake, and the bigger of the two, is that the current recycling mania targets the wrong group – the consumer, when it should be focusing on the producers of these goods. Walk into any supermarket and have a look at the astounding number of different packaging that companies use to sell their products. A popular yogurt drink has three different packaging components in the one item: plastic, tin foil and paper. But it’s easy to guilt trip the entire population into believing that it is their responsibility to solve this problem and then let social pressure sort out the few that realise that this is a load of nonsense.
You know I’m going somewhere with this. Wow.com reports that guild rankings can be set to have an authenticator requirement to the account. This of course doesn’t concern me one bit, as The PuG guild has no guild bank, so I can’t see Gevlon caring about this at all. But the idea behind it is what interests me. The authenticator is the lazy fix for people who can’t be bothered to practice proper internet security on their computer. Blizzard won’t ship these with every Cataclysm box sold because it is not in their interests for everyone to have one. If every account had an authenticator then the hackers would be motivated to find a way to crack them. They’d have to, and they would. So it is the lazy way, both on the customers part and on Blizaards part to keep things moving along, just so the amount of hacked accounts doesn’t completely overwhelm Blizzards support staff. The autheticator creates its own social guilt trip issue, just like recycling. It’s “only” €6, when in fact the shipping costs to some countries come in at almost €100. But even if it wasn’t that costly, why should we have to pay for Blizzard to do their job? I mean, this is the same company who had the fucking brilliant idea of making our email our account name and then sticking it on a global chat system, which means that hackers only have to work out one code instead of two.
But the real point here is that the authenticator attacks the problem from the wrong direction. It puts the onus on the consumer to solve the problem instead of the company, in this case Blizzard. It is Blizzards problem that people are getting hacked as it costs Blizzard time and thus money to fix these cases. So it attempts to shift the responsibility and cost for this onto the consumer, knowing that the community will police itself by calling people who get authenticators “good” and those that don’t as “bad”. And all the while the real problem of hackers remains, in all their forms.
I am not happy at this in-game change requiring an authenticator to experience the game in full, (with Blizzard once again passing the buck by saying that it is at the GM’s or guilds discretion to activate it when we all know very well that they all will). Like I said a while ago with the Real ID mess, this is just a first step. What other parts of the game in the future will I not have access to due to the fact that I do not have an authenticator? I think that it is outrageous that I already pay my full monthly fee but come Cataclysm I will not have full access to the game due to the fact that Blizzard is too lazy to actually deal with this problem.
September 15, 2010 at 7:24 pm
I agree largely with what you’re saying but they also do a mobile authenticator that’s free.
So if you have a reasonably swish phone its a free download and setup and grants the same protection.
September 15, 2010 at 7:28 pm
I’m not seeing how you connect not having an authenticator to not being able to experience the game in full.
You’ve already stated that it doesn’t affect you, as your guild doesn’t use a guild bank, so it’s a non-issue. Not having an authenticator doesn’t stop you from raids, pvp, or playing the AH at the highest level – the only thing it would limit is access to the guild bank for specific rankings for guilds who choose to use them (and yes, many do).
On the hacker subject, it’s hard to police that system. Hackers exist because they have a customer base – if people didn’t buy gold, sell accounts, or sell items with RMT, then why hack an account except to be malicious? No profit = no business – something any goblin can agree with.
September 16, 2010 at 12:32 pm
How about reading the entire post before leaping to comments:
” Like I said a while ago with the Real ID mess, this is just a first step. What other parts of the game in the future will I not have access to due to the fact that I do not have an authenticator? ”
Its the principle of doing this and how it may affect the future of the game. Not ONLY this one instance.
September 16, 2010 at 3:45 pm
Follow your own advice much?
Yes, he says that, but then follows up immediately with “I think that it is outrageous that I already pay my full monthly fee but come Cataclysm I will not have full access to the game due to the fact that Blizzard is too lazy to actually deal with this problem.”
So far, there hasn’t been any notifications from Blizzard that says, “If you don’t have an authenticator, you will not be able to do X” with the exception of modified guild rankings that require voluntary guild participation.
September 16, 2010 at 4:39 pm
It doesn’t make much sense on their end, and they haven’t really shown any leanings in this direction.
All of thier “buy in” content, aside from expansions, has been silly little vanity pets. Why link content to a $6 authenticator when they can just release Sparkle Pony Mark 2 and make a ton more profit? In fact the authenticator is pretty much already in the vanity pet category since they added the corehound pup.
I’m afraid this entire argument has slid into the magical land of the slippery slope falacy.
September 15, 2010 at 8:06 pm
Actually, recycling anything except aluminum cans is bad for the enviroment. Or at the very least does nothing.
“The authenticator is the lazy fix for people who can’t be bothered to practice proper internet security on their computer.” Not true.
I have one and I have top of the line anti virus, as well as a password made with numbers/letters/capitalization etc. I have never been hacked, and none of my computers have ever gotten a virus.
“If every account had an authenticator then the hackers would be motivated to find a way to crack them. They’d have to, and they would.” No they wouldn’t.
Authenticators like these are used by banks and security-minded firms around the world. They have never been cracked. I’m not gonna say it is impossible, but it has never happened.
September 15, 2010 at 8:23 pm
Wouldn’t not getting an authenticator be the lazy way to do things?
September 15, 2010 at 8:28 pm
No. Taking an active role in your internet security by buying proper malware guards and practicing safe internet navigation all the time is the unlazy way to do things.
September 15, 2010 at 8:45 pm
I was always under the impression that Blizzard recommend you do all that as well as having an authenticator.
I wasn’t aware they recommend authenticators as a replacement to proper security, rather than an extra layer on top of that.
September 15, 2010 at 9:10 pm
Yes of course, but the fact is, as Blizzard I am sure are well aware, that the majority of people who get an authenticator will believe that this is all the coverage they need, ie lazy.
September 15, 2010 at 9:16 pm
But what’s lazy about adding another layer to that?
As for adding authenticators as a requirement for guild banks, what’s so bad about that? Imagine if you knew someone didn’t run anti-virus software and really liked downloading all the free software websites give out, wouldn’t you want to keep that person away from the gbank?
And isn’t antivirus software just the lazy fix for Windows being vulnerable to infections and people sometimes going to the wrong site? Or is it just another layer of protection which makes sense to use?
September 15, 2010 at 10:03 pm
Whether or not Blizzard is aware, holding them accountable for individual stupidity is ridiculous.
Would you expect your grocery store to make sure you’ve properly stored all of the food you’ve purchased?
Would you expect the company that made your coffee pot to make sure that you’re cleaning it properly between uses?
It’s not their job to make sure that you’re taking care of the equipment you own. They do what they can to control hackers, but it’s a lot more complicated than you make it out to be.
September 15, 2010 at 9:31 pm
I agree entirely that nothing + authenticator is not sufficient. But I don’t think Blizzard is giving that impression. Instead I think they’re acknowledging that a lot of people are, as you say, lazy about security. Adding an authenticator is a technical improvement to what is a personal problem. Clearly not a true solution, but better than nothing. And cheaper for them, since it means that much less time dealing with “lol china hacked me when I wanted them to level my dk”.
September 15, 2010 at 10:37 pm
I would like to point out that what we call “hacking” here, isn’t really hacking, at least not in the traditional sense of the word in the majority of the cases.
We don’t have a person here using advanced computer skills and knowledge, loopholes in security and various established methods to somehow gain access to the victims computer or anything of the sort. In 99% percent of the cases (yes, i made that number up), this is just your basic social engineering. The “victim” being unskilled, uneducated, and uninformed is simply being fooled into giving their info away. This is what “hacking” is in most cases, not only in this game.
Hacking would imply a knowledgable perpetrator. Im sorry to say this, but what we basically have here is, well, frankly, a stupid victim. As someone once said, the biggest security risk on any computer is located between the screen and the chair.
September 15, 2010 at 11:09 pm
Agreed with this. I’m sure VERY rarely is anyone ever “truly” hacked, but rather, idiots give away their information almost freely to phishers.
September 15, 2010 at 10:53 pm
Your argument seems to be made up of two basic points:
“The authenticator is the lazy fix for people who can’t be bothered to practice proper internet security on their computer.”
“… the real point here is that the authenticator attacks the problem from the wrong direction. It puts the onus on the consumer to solve the problem instead of the company, in this case Blizzard.”
Am I reading you right that the authenticator is a lazy fix for people that can’t practice safe computing and you are saying that Blizzard giving them a tool to fix their own issue is wrong?
Seems a bit contradictory to me.
At this point, no one should expect to get guild bank access if they don’t have an authenticator. I’ve seen too many self proclaimed computer experts in my guild get hacked over the last two years to have any sympathy. The bottom line is no one is forcing you to get an authenticator. If you are in a guild that won’t give you the same access as someone with an authenticator then you have the right to go to a different guild.
September 15, 2010 at 11:58 pm
What do you actually expect Blizzard to do here? Somehow magically step in and force every user in install a decent AV program, firewell and attend phishing awareness programs?
People getting ‘hacked’ (as noted above – people don’t actually get hacked per say – they usually give the info to the perpetrators however unknowingly) is hardly Blizzards fault 99% of the time – it’s the user’s problems. Bliz offers tools to help the user prevent it. RSA-style tokens are a fairly universally accepted solution now days to this sort of issues. (and yes it’s not perfect, see http://en.wikipedia.org/wiki/Man-in-the-middle_attack – but the complexity that attack requires is certainly far byond the effort most people would go to to get a WoW account)
The simple fact is the user is THE weak spot in any system – and are exploited as such.
Really feels like you’ve tried to force this analogy.
I’m curious – if Blizzard is being so lazy about this, what are some suggestions you have for things they could do to solve it? You’ve not really offered any suggestions as to what should happen to address the issue other than ‘It’s Bliz fault they should fix it whaa’.
September 16, 2010 at 7:12 am
It’s not my place to offer suggestions, and what is more I wouldn’t presume to know. But Blizzard condones gold selling, gold sellers, bots and gold buying. This is the reason that there are hackers. Seems pretty darn obvious to me.
September 16, 2010 at 1:26 pm
Whaaat? Blizzard tolerates this?
Can you go into details about this as I’m of the believe that blizzard do not tolerates such actions and haven’t heard otherwise.
September 16, 2010 at 2:48 pm
I’ll throw on my tinfoil hat for a minute…
Tolerates publicly? No way.
But their periodic “mass bans” almost seem like they are for show. And the constant use of hacks to make the floating “body signs” in Stormwind or Orgrimmar? How many months have these been happening with little response from Blizzard? We’re resorting to Piccolos to take care of the problem ourselves.
Blizzard, in fact, may not tolerate gold sellers and hackers, but you have to concede that they do little to battle the perception of tolerance.
September 16, 2010 at 2:52 pm
The fact that our in-game experience is disrupted by floating bands of gold-sellers in Stormwind and that the only thing being done is by the players themselves with the Piccolo is all the proof I need. Blizzard have their head in the sand on this. Make the problem go away by making people buy authenticators, in other words get us to pay for them to not solve the problem.
September 16, 2010 at 12:28 pm
You pointed out yourself that authenticators are not infallible. But as the prevalence of authenticators increases those harder methods WILL be used by the hackers who will need to start using them to stay in business. The ONLY truly secure way to stay unhackable is to change the way you work online. If you maintain good discipline with everything you do over the Internet you won’t need a hardware device that makes you believe you are unhackable when in fact you are not.
September 16, 2010 at 12:06 am
First thing, get a new friends. Second, majority of population believes that if they have antivirus they are protected. They don’t check if it’s not updated or quality of that antivirus, they have that program that “protect” them and that’s it. Every person that knows something about these things knows that there are good and bad AV’s. Authenticator is just one more step to secure one thing on my PC that I don’t want to be stolen from me. And I’m happy with it. My AV is protecting my PC and my privacy, not just WoW, it’s one of the top and I know it because I work in that area and my knowledge have to be up to date about those things. Having one more thing to secure your property is not lazy/stupid. Eating from plastic plates to save the planet is most stupid and idiotic thing i have ever heard. Especially because someone is doing it to save time they spend on washing dishes.
September 16, 2010 at 12:08 am
Recycling is one part of the big picture. “Reduce, re-use, recycle” is the mantra and it sounds like you are doing that. Buy less packaging that would need to be recycled or thrown away. Re-use what still works (using cloth bags instead of disposable plastic ones are the big push here) and recycle what can be remanufactured.
Likewise with security, an authenticator is one part of the larger security picture. Blizzard does take some security precautions. They are not perfect, but they are not entirely without security protocols either. Blizzard can’t prevent players from compromising themselves through ignorance or stupidity, but supporting the use of authenticators is a positive step. Certainly better than not allowing authenticators and relying entirely on players making consistently good security decisions.
In both areas, no one facet is sufficient to eliminate The Bad, but each plays a role.
September 16, 2010 at 9:31 am
The thing is, recycling, as it is right now, is not part of the solution. It mostly does more bad than good. With most todays products, while recycling does reduce the amount of trash, it actually requires more energy thant it would making a completely new product. Since most of our energy sources arent clean, it actually increases polution.
Now, off course, there are some products that are worth recycling (items made from aluminium for instance), but most of them arent.
September 16, 2010 at 12:18 am
I think you’ve made an assumption that all that malware detection is keeping on top of the latest malware techniques. The biggest threat to my system is the presence of IE. I don’t run it, and I don’t care to uninstall it, but I remain suspicious of it. A while back, IE had a security leak that allowed third parties to take control of your computer. This was exploited for keylogging, and malware programs weren’t picking them up. I think the “hackers” made a killing of people playing WoW and watching superbowl related stuff through IE.
We run antivirus because we don’t trust ourselves with programs that have been installed. We run firewalls in various configs because we don’t trust ourselves with programs that access the internet without permission. Authenticators are a logical stepping stone in that progression of mistrust we have in the software running on our machines, and I’m certainly glad to use a hardware device as an extra step of prevention/disincentive to people wanting to steal my account.
Authenticators will continue to be a great method of protecting access to your WoW account while there are easier pickings of people without authenticators.
I have heard that the steps taken to hack an authenticator are a lot more involved. They usually involve trying to remove the authenticator from the account, though how that would be done short of calling Blizzard directly and pretending you’re the user who has lost or damaged their authenticator, I’m not sure.
As for the recycling, I guess different countries/cities have different waste management programs in place. In Brisbane, Australia, we have a single recycle bin (located outside the house) that takes glass, tin, paper and recyclable plastics. They’ve just introduced an additional bin for green waste as well, on a user pays basis. I haven’t done the investigations into what actually happens with that waste, but if any of it gets recycled, then that’s better than none of it getting recycled.
September 16, 2010 at 7:01 am
I don’t really agree with you about how only lazy people who don’t know how to protect themselves need an authenticator.
I used to not use an authenticator because I was very secure with my Internet. I have noscript for firefox, a separate email ONLY for my wow account, I NEVER clicked on random links before I knew they were safe. But still I got hacked. Twice. Before I got my authenticator.
Sorry for the terrible text, this is from my ipod
September 16, 2010 at 9:33 am
Did you ever buy gold? Did you ever “win a free mount”? Anything of the sort? Did you let someone else play on your account?
September 16, 2010 at 12:23 pm
I’ll add some more…
– Ever been to any unsavoury websites (sites that offer hacking tools for games/apps as one example)
– Do you keep your software and Windows up to date?
– Do you use Internet Explorer, the world’s most insecure browser?
– Have you ever logged onto battle.net, any other Blizzard site or WoW itself from a publicly shared computer?
An authenticator is fine for now. But don’t let yourself be lulled into a false sense of security because the hackers will one day find ways around them too. No system is unbreakable!
September 16, 2010 at 8:12 am
I agree with you in parts Adam.
I’m going to pass over the recycling that you very eloquently used to build your argument, not because I disagree, but because I don’t think it holds water as an analogy to the authenticator.
Computer security is everyone’s responsibility (as you pointed out) but then so is household security and vehicle security yet we still have break ins and car theft. There is no such thing as perfect computer security, believe me, there really isn’t. There’s just degrees of security and like real life security, you’re more likely to become a victim the less regard and diligence you show.
The responsibility is a shared responsibility between the individual and the service provider, in this case Blizzard. Where I disagree with you is that you’ve put the onus of responsibility on Blizzard, whereas I feel it is perfectly reasonable for Blizzard to insist that the individual plays their part and the only effective way to do this is to enforce the use of an authenticator. Much as it galls us, the security diligent, that we have to pay the price for the lazy, ignorant or stupid it is the most pragmatic approach and therefore I accept it as necessary.
I do agree with you though that fanatical recycling isn’t going to save the planet. The scale of the problem is much bigger than gold hackers.
September 16, 2010 at 8:39 am
Sorry Adam, but i can’t agree with you here.
You pay your monthly subscription fee, and you bought your Vanilla box, TBC box, WotLK box… to summarize, you pay a fucking bunch of euros. Does it really matter so much having to pay 6 euros more? Does it really matter so much if they call it “authenticator” instead of “name_of_your_choice”?
I mean, Blizzard could simply say “well, account security is our duty as a company, so we are gifting every account an authenticator”… then, the day after, they say “well, costs are skyrocketing fast, so we are billing 1 more euro for the monthly subscription fee”: this way they are doing it properly, right? taking care of account security, and letting everyone else do their part, playing (and paying).
The name is not the most important part of the thing, i guess.
P.S. just because making large use of plastic plates is fool, it doesn’t mean that recycling is stupid. You can try to reduce your garbage amount AND still try to recycle the reduced amount. If you don’t want to recycle it’s maybe ok, but please don’t give illogical motivations for it.
September 16, 2010 at 12:13 pm
Adam is not talking about the cost of it. 6 Euro is a small amount and no one will argue that fact with you. Its the entire principle. In fact I would go so far as to say that authenticators do more harm than good. Just like people should be more conscious of the way and what they consume instead of just falling back to “oh I recycle so everythings ok even though I produce more garbage in one day than a small third-world does in a year”. The authenticator seems like a way to safe-guard yourself and you believe you are safe and yet you STILL go to every website linked in a badly worded email and use your account details to login to what is OBVIOUSLY not the real site.
Just like antivirus as well. I have antivirus so bugger it, I’ll go to didgy-schoolgirls.com and install their software because my antivirus will catch anything bad. Or, oh hey, there’s a link in an email that looks like it came from my bank, let me submit my login details even though that address is obviously not right.
Authenticators ARE NOT NECESSARY! They provide a false sense of security when a simple bit of common sense is all that you need!
September 16, 2010 at 12:28 pm
Not necessary, perhaps. A false sense of security, not really. And rubbish, not really either. To be a false sense of security, or rubbish, as it were, the authenticator would simply not have to work.
There are similar devices used by banks for online banking, used by financial institutions just to log on to their networks. I’m not going to say they can’t be “hacked”. The likely downfall will be the social networking where someone gets enough of your personal information to deactivate it, or even just physically steals it, but the effort to do a proper hack is far more effort than skimming the accounts that don’t have an authenticator.
Unfortunately, Blizzard isn’t likely to be telling tales of how people with authenticators got hacked, if such a thing were to happen.
September 16, 2010 at 2:57 pm
The rubbish quote was tied into my recycling part of the post. Maybe not such a good title now come to think of it …
September 16, 2010 at 3:17 pm
So by that logic seat belts are bad: they provide a false sense of security (since you can still get injured) when a simple bit of
common senseer, good driving is all you need. Same with airbags… antilock brakes… insurance… fire extinguishers… It’s a moral hazard situation, yes, but I think most people are safer with an authenticator than without one.September 17, 2010 at 8:51 am
“But even if it wasn’t that costly, why should we have to pay for Blizzard to do their job?
But the real point here is that the authenticator attacks the problem from the wrong direction. It puts the onus on the consumer to solve the problem instead of the company, in this case Blizzard. It is Blizzards problem that people are getting hacked as it costs Blizzard time and thus money to fix these cases. So it attempts to shift the responsibility and cost for this onto the consumer…”
In my previous comment i referred to this. My answer is that, long story short, we ALWAYS pay for Blizzard to do their job, no matter what. It can be an explicit cost, i.e “buy the authenticator”, or an implicit one – “pay the monthly fee”… but it’s always the same: Blizzard will not “do his job” for free, and noone else than us will pay.
September 17, 2010 at 10:15 am
@wowtotts
Seat belts are a bad analogy. If you did not have to worry about OTHER drivers on the road driving badly then they would be unnecessary if you drove safely. Your bad internet security practices are not going to risk MY account. However, if you drive like a dick then I am at risk from your actions so I need a safety belt to protect ME from YOU.
@Colerejuste
It is a false sense of security because most people are lazy. Why bother trying to have better Internet security habits when I just get authenticator and everything is fixed. The day that authenticators get compromised is the day the lazy peoples safety blanket falls to pieces.
As for banks? My bank stopped providing the authenticator devices because of the exact reason I mentioned. Instead they have gone on a MASSIVE drive to educate their Internet banking users in the dangers of Phishing, etc.
September 16, 2010 at 12:07 pm
I totally 100% agree. I didn’t read the comments on here but authenticator’s are total bullshit. An authenticator is NOT necessary to keep your WoW account safe. There are so many aspects of our lives that are like this as you pointed out with recycling. One other IT related aspect is anti-virus. It is actually not a necessity but people spend billions every year funding an industry that would die overnight if everyone was just sensible with their Internet usage practices.
There is a very simple method to stay secure online. Convert everything online to a real life corrolary. Example:
I get an email that says it is from Blizzard and that I have won a free mount and just click this link to claim it. The link in question takes me to a website that looks exactly like battle.net but the address on the top says secure.batle.net.
Lets convert that shall we? If I had gotten a piece of snail mail that told me I had won a free mount and then gave me an address to go to 122 Batle Net lane when I know the address is usually 120 Battle Net Avenue I am already suspicious. But ok, I go along to this address, and when I get there I need my confidential information to be able to enter. Now I am really scared to go ahead and give my details to a place that looks wrong by address. So instead what do I do? I go to 120 Battle Net Avenue, see they are still there, use my confidential details to get inside (as I know I can trust this place) and ask them about the other place and the mount. Oh hey, there isn’t one. They were trying to con me. Snap.
The same can be said of anything online. If you are trying to go to “dodgy” websites online, would you be willing to go to the dodgy real life counterparts? Probably not but you can expect the same result if you do.
September 16, 2010 at 12:38 pm
Here’s another scenario for you.
A vulnerability is discovered in Firefox allowing malware to be placed on any computer using it. This, combined with a vulnerability in some popular blog hosting system, allows my computer to become infected before they become known and get fixed.
Of course, I’m so sensible I don’t need any anti-virus system.
September 16, 2010 at 1:51 pm
“It puts the onus on the consumer to solve the problem instead of the company, in this case Blizzard. It is Blizzards problem that people are getting hacked as it costs Blizzard time and thus money to fix these cases”
Why should Blizzard be responsible for fixing the problem? Unless you think that the WoW client should force install all the latest security updates and run a malware check before running, what the hell is Blizz supposed to do to force people to improve IT security on their own machines? I guess they can make WoW run on consoles only so there’s more control, but a program meant to run on a general PC is a program that’s running on platform of unknown security.
It is OUR responsibilty to have safe IT practices; to not be blind idiots clicking links; to maintain security updates; to check for malware. If someone doesn’t care enough about computer security that they’re typing in their credit card number on an unpatched XP box running IE5.0, do you think they care much if their WoW account gets hacked? The authenticators offer users greatly increased protection, and it is MY reponsibility to use it. If you don’t run OS security patches you’re either 1) an idiot hoping nothing bad will happen, or 2) don’t care about the consequences; same with the authenticator.
September 16, 2010 at 2:12 pm
“What other parts of the game in the future will I not have access to due to the fact that I do not have an authenticator?”
Looking back at your recycling analogy this would mean that people who doesn’t recycle are not allowed to have certain jobs where the employer thinks recycling is Gods gift to humanity?
I can certainly understand the problem in this p.o.v. as guildofficer. When authenticators were introduced my guild talked against making it mandatory(except officers) since we believe it was peoples own choice. We were tired of having members kicked when a officer got his account compromised however and so made it mandatory for officers. Authenticators are the only way we currently have to check other peoples security thus it remains the best option for us.
What I believe you are afraid of is that if this is taken to a extreme.
However I cannot follow your line of reasoning to why this is solely Blizzards fault and that they have failed at the responsibility? I see it as a responsibility shared by Blizzard as well as the customers.
Quoting from Saelle: “the authenticator is a lazy fix for people that can’t practice safe computing and you are saying that Blizzard giving them a tool to fix their own issue is wrong?”
Why are you placing the majority of the blame on Blizzard and saying that they don’t do their job?
September 16, 2010 at 2:50 pm
“Why are you placing the majority of the blame on Blizzard and saying that they don’t do their job?”
As I’ve stated in a comment already, because the problem is rampant gold selling, buying, and botting. Instead of Blizzard dealing with the actual problem they throw the wool over our eyes by stating that we are the problem. Everyone going on about the autheticator being good against this and that are missing the entire point: the authenticator is Blizzards lazy fix, in fact it is no fix at all. The underlying problem is still there, but they have shifted the blame from them not dealing with gold selling and hacking to saying that people don’t have secure enough accounts. Account security would be a non issue if there was no motive for hackers to get in to an account in the first place.
September 16, 2010 at 4:20 pm
They’re not throwing the wool over our eyes by saying we are the problem, because we ARE the problem.
Gold sellers exist because they have a customer base. You want to eliminate goldselling and hacking/social engineering? Get all the players who are buying gold to stop.
Good luck.
September 16, 2010 at 5:00 pm
I know what you meant Adam, I was trying to point out that I fail to see the basis for your theory. Account security is ones own problem and blizzard is trying to help with (I admit) an easy fix. But if I understood your correctly then one of your arguments is that Blizzard does nothing to fix the root of the problem, the goldsellers. I must say I believe they do.
http://news.cnet.com/8301-10784_3-9723906-7.html
However I’ll admit that you do have a point and there may be a reason for concern. I believe you’ll find this article interesting.
http://lawsuit.trendsdaily.net/wow-gold-blizzard.html
All in all, whatever Blizzard is doing it’s not enough and indeed raises the question of how serious they are about stopping goldsellers.
September 16, 2010 at 5:15 pm
I can’t agree with you Adam. The basis of your argument here is that Blizzard could fix this if they wanted to, I don’t believe that’s true.
Gold selling is a wonderful way to make money. It’s not accountable, it’s non taxable, it’s non traceable. The people behind these schemes are not doing it for fun or pocket money. They have the ingenuity, resources and skill to make this a constant struggle for any company to keep up with. With the authenticator Blizzard is taking just one action amongst many. Making it harder for the hackers/sellers, not in the hope that they will stop them – but in the hope that they will go elsewhere for easier pickings. None authenticated games, give someone else the headache and costs.
September 16, 2010 at 5:32 pm
Chewy, if what you say is true, why doesn’t Blizzard just ship an authenticator in every Cataclysm box?
September 16, 2010 at 6:12 pm
Because not everyone wants one/will use one? Why spend your own money to give something away to a customer who might just throw it away? That’s just bad business sense.
September 16, 2010 at 6:20 pm
No, if they were serious they would just make it a compulsory part of playing the game – no authenticator then you can’t even log in. It’s as simple as that.
September 16, 2010 at 6:12 pm
That’s a very good point and I don’t know the answer.
Would it be unreasonable of them to try and recoup some of the costs involved combating a problem that isn’t of their own making ? I don’t believe they intended the gold sellers when they designed the game but there is a very real cost to recovering accounts, returning stolen items which isn’t core game cost.
September 16, 2010 at 6:30 pm
I am sure that the costs of giving out authenticators would be far less in the grand scheme of things than the continued costs of recovering accounts. As far as whether it is unreasonable or not for them to cover costs on a problem not of their own making, I think that they did make this problem. They could have dealt with this issue when it first began to surface and when the playerbase was more made up of hard core gamers who know their way around the internet, as opposed to the more casual gamers that are the staple of WoW at the present time. But they let it slide and at the same time agressively marketed their game to a much broader market. It’s all too convinent for them to cry that it’s not their fault it’s the goldsellers and the goldbuyers. That sort of attitude is reminiscent of someone operating from a position of no power, and if there is one thing that Blizzard is not it is powerless. Their solutions to the problem was the authenticator and to make gold much easier to get. All that achieved, (apart from dumbing down the game), was to make it more easier for gold sellers to get gold.
The sad fact of the matter is that the authenticator is a con. Which means that people who purchased one will never come over to the point that I am trying to make. Much better to believe that the €6, (plus some quite insane amounts of shipping costs), was well spent and that you have ‘done your bit’, than to come to the realisation that you have had the wool pulled over your eyes.
September 16, 2010 at 10:13 pm
I’ll concede the points in your first paragraph that Blizzard probably haven’t done as much as they could do to combat this problem. I would also agree that they have spent more effort marketing than really addressing the gold seller problem. Had that been a proper balance we might not have such a problem now.
But the authenticators aren’t useless or a gimmick, they are a very valid security tool. I didn’t buy one because I thought it was all I had to do. I bought it because I’ve worked in the computer industry since before the Internet existed and I know that they are one more effective line of defence.
Like I lock my car but it also has an alarm and an immobiliser.
September 16, 2010 at 9:48 pm
I didn’t pay for my authenticator (I got one by attending BlizzCon in 2008), and I practice safe websurfing habits as well as keeping my A-V and malware protection up to date. So that means I didn’t purchase one, and I *still* won’t come over to the point you’re trying to make because it’s completely illogical.
You keep decrying the cost, but I wonder if you’re even thinking about how much money Blizzard has already paid for the system without charging the users anything (save a mere pittance for the actual authenticator itself).
Just perusing the Vasco site, the Digipass system (which looks like it’s the model closest to the one Blizzard might be using) costs roughly $3200USD for 25 users. If we assume that Blizzard is getting a bulk discount and cut the rate in half(though it’s probably better than that, I’m just guessing here) that’s still $64 per user that they’re paying already, and not charging a dime for the service. I think they have every right to recuperate some of that cost by charging a measly $8.
Complaining about shipping? Take it up with the post.
I can appreciate that you’re upset with the way this could possibly turn out, but you’re making an unreasonable request over something that Blizzard cannot control, and could not hope to control. Companies just as large (if not larger) have tried, and still fail to keep goldsellers under control (Hi, SonyEQ!), and in the end, the only thing they can do is what they can. Blizzard cannot force people to use anti-virus. Blizzard cannot force people to surf responsibly. Blizzard cannot prevent people from buying gold – they can only enforce a ruleset after the fact, and banning someone who has already bought gold doesn’t stop the issue when it’s so easy to slip under the radar.
If you think you can find the solution that will end keyloggers and goldsellers, then you have to find a way to stop people from wanting to buy gold and accounts. Blizzard could easily handle it by making it so that everything in the game – gear, gold, ore, herbs, whatever you can think of – is bind on pickup, but the resulting outcry would be disastrous.
They have to make a choice. If they lose a few thousand subscriptions over people who don’t want to buy authenticators, it’s probably an acceptable loss.
September 16, 2010 at 3:39 pm
Rogue,
I agree completely with your concerns over recycling; there are studies that show more energy is consumed during the recycling process than creating the products in the first place. Which is more valuable: Plastic and Glass or Carbon and Oil? I’m forced to recycle in my neighborhood, but it is a simple matter of 2 trash cans: 1 for trash, 1 for glass and plastic.
I do have to question your rage over the authenticator. I don’t have one, nor will I buy one, and I am not losing out on any of my game experience. My guild did instate a policy of “No authenticator, No Guildbank”, but because they knew me the GM just said “If you want something, msg me i’ll mail it to you” and that was that. You are correct in your assessment that if people would practice safe SECS (Security Enabling Computer Standards) than there wouldn’t be a need for authenticators… Blizzard seeing that Gold sellers are a problem are offering a solution while turning a buck. Goblin thinking at its best..
September 17, 2010 at 4:28 am
Yay, another provocative opinionated post! Luckily, it’s just uninformed enough to get people to post comments.
The authenticator is as good a proof of physical authentication as any other commercial offering. You can ask anyone who knows a thing or two about encryption whether it has any of the known (and unfortunately common) flaws other similar “dongles” have. Unlike wireless car starters, for example, there’s no read ahead attack possible. Unless the hackers have some way of cheaply brute forcing the industry standard PKE algorithm (which they don’t), this will do nothing but add an authentication factor.
Long story short: unless a hacker can dupe you into entering a code from your authenticator, they can’t log into your account. And if they want to remove it from your account (or replace it with their own), they need you to enter multiple codes.
September 17, 2010 at 7:40 am
Long story short is that you missed the entire point of my post. Well done you!
September 17, 2010 at 8:22 am
To be fair, your outrage is a little misguided.
[quote]I think that it is outrageous that I already pay my full monthly fee but come Cataclysm I will not have full access to the game due to the fact that Blizzard is too lazy to actually deal with this problem.[/quote]
1. You have have full access to your guild bank. That is, a guild you have created yourself, and doesn’t have guild rules requiring an authenticator.
2. You don’t have to wait until the release of Cataclysm to be outraged. From what you’ve said, the guild you are in already has that rule in place, though they verify via the vanity pet. Blizzard have just cut down the guild admin, so officers don’t need to check for the presence of the pet. Sidepoint: If the guild member is duped into removing their authenticator, then they will loose access to those tabs, hopefully reducing the damage that an account thief can do when raiding a guild bank.
I think you could afford to go into detail about “the problem”. I’ve assumed the problem is account thieves. However, “the problem” could be gold sellers, or people with computer security that doesn’t seem to be as good as yours. It’s 5pm on a Friday, and I’m itching to go home, so it could be my short attention span at this point, but I couldn’t see a clear definition of the single problem that Blizzard should be addressing, rather than letting the authenticators do the job for them. The authenticator seems to do a great job of prevent account thieves from getting my account. YMMV, if you had one. You seem to think your computer security knowledge and practice is enough, and it may be, but when it comes to convincing a third party of that.. well, everyone likes to see an SSL certificate when they purchase online, or have third party compulsory insurance for their cars.. the authenticator amounts to a similar thing.
September 18, 2010 at 12:58 am
This is why I have an authenticator (http://wow.joystiq.com/2010/09/17/adobe-announces-new-flash-security-vulnerability/). I still use Firefox, and NoScript and exercise due diligence by not randomly kicking on ads (should they appear) and links, but similar to the reasons for installing antivirus, you never know when some program that you normally trust not to break it’s sandbox is going to do something very naughty.
Even the Mac users could be bitten on the a-se by this one. Now that’s a user base that like to delude itself about computer security. *duck and roll*
September 20, 2010 at 7:29 pm
They should have avoided all this by shipping an authenticator with Cataclysm. Alas they would lose out on cash but it would be a hell of a PR stunt to show they care about their users security. Yeah and pigs might fly 😉
May 20, 2011 at 11:14 pm
Dude, you’ve got problems. Download the mobile authenticator, its made available for free. Honestly, its easier for the customer to be responsible for the security for their own account. Since the customer has one or a few accounts, Blizzard has millions, so you’re in the best place to make your account secure.