| Author |
Topic |
 zelalot |
Posted - 2009.09.09 15:20:00 - [ 211]
I do not buy isk but I visit the forums regularly. It might be an idea to educate us on what things to look out for on the forums that lead to trojans.
I keep seeing those links where you click on and it says "your session has timed out" and "enter your username and password" boxes. That for me is an attempt to get your details. BUT to stop people from being scared of clicking on links on the forums just stop the ability to post a link altogether. |
 zelalot |
Posted - 2009.09.09 15:30:00 - [ 212]
Oh and hide the email address the character was first set up on. Make that something CCP can only change via a telephone conversation that involves several security questions. |
 Dakron Argile Caldari |
Posted - 2009.09.10 11:00:00 - [ 213]
Originally by: NightmareX Edited by: NightmareX on 08/09/2009 14:02:18 Question.
Some years ago CCP removed the option to save your password in EVE so you don't have to type your password every time you log into the game. CCP removed that option only because of security reasons.
So my question is: does the keylogger still get your password if you have saved your password in the log in screen?
If not, I think putting the save password option back might be a good idea.
Edit: As far as I know about keyloggers, the keyloggers only get your information if you have to type in your username or password or both. The keylogger can't find your info out as long as you don't type in your username or password. And the keylogger also can't see what your password is if the password is already saved and only has dots in the password field.
So if the keyloggers are created like that, then yeah, it might help to have the option to save your password in the log in screen in EVE.
But correct me if I'm wrong though. Not sure if there are some super duper smart keyloggers out there that scan your whole computer for stuff and that.
While the most common keyloggers/trojans out there can only effectively get your login information by what you type on your keyboard.. there are some more advanced ones that use the hook function of your OS to get the information. The problem with this, is that the "save password" function of almost every application out there that has it, uses this hook function to populate the field. So, if our dirty little far-east "hackers" had the advanced stuff, if you get it you're boned either way. Luckily, from the looks of things, and the fact that I took a little deeper look into the file in most of those **** links with a "sandbox" program.. it isn't the super keylogger, just the run-of-the-mill version that only uses the keystrokes themselves. |
 Attila Hellsfury |
Posted - 2009.09.12 15:56:00 - [ 214]
Yeh, nice sec risk. DON'T BUY FROM ISK Sellers, they ruin the game !!!! CCP takes action against ISK buyers, GOOD, but CCP also needs to take action on these BUGGY PATCHES - shutting down the server on Saturday 4 pm GMT is not the way to go, we pay here for the game and so I think we can have a system that works ! |
 Kyrinth |
Posted - 2009.09.12 16:04:00 - [ 215]
World of Warcraft have these keychains called "Blizzard Authenticators". You link your authenticator to your account and then when you log in you first use your normal username and password. Then it pops up a box and asks for your authenticator code.. you press the button on the authenticator and enter the code from the LCD display.
Very similar to how RSA software keys work and very secure.
Essentially the RSA key is hardwired to display a 6 or 8 digit code that is generated using the number of seconds elapsed since a particular point in time as the random number seed.
Each RSA key has a serial number that is known by the server. The server matches that serial to the specific point in time and can calculate what the number is you should be entering.
Each number is valid only once and for only 60 seconds, then it changes.
This method renders keyloggers and screen capturing completely useless. |
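Added example, not part of the thread and not Blizzard's or RSA's code: a server-side check for the kind of time-based code described in the post above, using the open RFC 6238 TOTP algorithm with a per-token secret as a stand-in for the vendors' proprietary algorithms. The 60-second step and single-use rule follow the post; the serial `SN-0001`, the secret and the `Authenticator` class are constructed for illustration.

```python
import hashlib
import hmac
import struct

STEP = 60     # seconds a code stays valid, as described in the post
DIGITS = 6    # length of the displayed code


def totp(secret: bytes, unix_time: int, step: int = STEP, digits: int = DIGITS) -> str:
    """RFC 6238 code for the time step that contains unix_time."""
    counter = unix_time // step
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                       # dynamic truncation (RFC 4226)
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


class Authenticator:
    """Server side: one secret per token serial, each time step accepted once."""

    def __init__(self):
        self.secrets = {}      # serial -> secret shared with the token
        self.last_step = {}    # serial -> newest time step already accepted

    def enroll(self, serial: str, secret: bytes) -> None:
        self.secrets[serial] = secret

    def verify(self, serial: str, code: str, now: int, drift: int = 1) -> bool:
        secret = self.secrets.get(serial)
        if secret is None:
            return False
        current = now // STEP
        # Allow one step of clock drift either way between token and server.
        for step in range(current - drift, current + drift + 1):
            if step <= self.last_step.get(serial, -1):
                continue       # step already used (or older): replay is rejected
            expected = totp(secret, step * STEP)
            if hmac.compare_digest(expected.encode(), code.encode()):
                self.last_step[serial] = step
                return True
        return False


if __name__ == "__main__":
    server = Authenticator()
    server.enroll("SN-0001", b"constructed-secret")      # constructed sample values
    t = 1_000_000
    code = totp(b"constructed-secret", t)                # what the token would display
    print("first use:", server.verify("SN-0001", code, t))
    print("captured code replayed:", server.verify("SN-0001", code, t + 5))
```

Tracking the last accepted step per serial is what makes a captured code useless a few seconds later, even though it is still inside its 60-second window.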
 Dr Karsun Gallente Coffee Lovers Brewing Club |
Posted - 2009.09.13 11:24:00 - [ 216]
Well, there are a few mistakes often committed by many players that make attacking easier...
1st - having the username match the character name... I've seen that a few times in other games. This should be mentioned during the creation of your first character in the game for each account, many people don't know how risky this is.
2nd - someone mentioned different passwords for forums and for eve - also a great idea.
3rd - don't buy isk... Well, I never had to buy isk nor do I want to... That's part of the fun, finding your way of earning money in eve.
And if I may, I got a question -
Originally by: GM Grimmi We also would like to add that buying in-game items, aside from PLEX, for real-world money is strictly prohibited by our EULA and action may be taken against those found doing it.
Does this mean buying PLEX for real money is legal? |
 Alia Xi The Bastards The Bastards. |
Posted - 2009.09.13 14:58:00 - [ 217]
Originally by: Dr Karsun And if I may, I got a question -
Originally by: GM Grimmi We also would like to add that buying in-game items, aside from PLEX, for real-world money is strictly prohibited by our EULA and action may be taken against those found doing it.
Does this mean buying PLEX for real money is legal?
If you were buying a PLEX for real money - then afaik no, because you're trading real money for an ingame item. To get a PLEX you need to get a GTC from the eve store, battleclinic or other authorised GTC vendor. Then convert the GTC into a plex like this. I've never used plex or a gtc but that took me literally 2 minutes to find out.
As for the forum hacking/spamming and keyloggers:
Using different passwords for login and forums would be sensible
Using a random combination of different characters from your password would also be sensible (1st, 5th, 7th, etc)
Disabling hyperlinks from the site so they're text only and you have to copy and paste |
 Zixie Draco Tactical Knightmare
|
Posted - 2009.09.16 17:12:00 - [ 218]
Edited by: Zixie Draco on 16/09/2009 17:32:14 I vote for some type of authenticator. This game feels so unprotected. |
 Isana Newton |
Posted - 2009.09.23 12:09:00 - [ 219]
Originally by: Agent Known Maybe now's also the time to restart Linux support. No more keyloggers! 
In fact I got a perfectly working linux keylogger - it works without having root status too! You might wanna read up about X function GetKeyboardStatus :> But who the heck cares, you buy isk, you get hacked - you deserve it for buying from those scumbags! Just ignore em and be safe! |
 Presidente Gallente Dark-Rising Executive Outcomes |
Posted - 2009.09.25 12:06:00 - [ 220]
Edited by: Presidente Gallente on 25/09/2009 12:26:09 Answer to OP:
Yes, and a lot of EVE users currently have the problem not to get back their reprocessed stuff but the ISK because CCP believes more in their EULA, rules and regulations than in their paying customers. The argument that "giving back stuff easily" will cause exploits is not working here. First: it's never easy to get something back from CCP. Second: no one except the ISK seller has any advantage by faking a hacking, reprocessing several billions in assets into a few hundred millions and trying to get the stuff double back, if that is what CCP means. Finally you get banned due to investigation, you lose additionally skilling time and if CCP figures out that this is a fake then you get perma-banned. Generally you just get back the ISK and resulting ISK and that's it. That's not acceptable in this special case because it simply cuts your interest in EVE if you lost assets you worked/played months and daily for.
As long as "a few" of 300.000 are whining and emo-quitting, CCP will not care. That's the usual behavior of a big company stuck with their bureaucracy. Unfortunately a logical step when dealing with 300.000 players but ending up in a catch22 of bad support and leaving customers alone.
But I ask here and now: what will CCP do if there's a hacking stampede ruining thousands of customers' accounts and they all quit the game in frustration because CCP's EULA can't help them? Sounds not good for the future of this game! CCP should not make a difference between "a few" and "a few thousands". CCP should eventually also think back to the beta-stage where EVE was on thin ice. Without customers no EVE, without a better EVE no more customers.
The actual petition situation is: "Sorry, we can't help you!" and you need loads of patience and wall of text to fight for your lost ingame time and finally a "real" value.
Being hacked is in most of the cases eventually your own fault but it's criminal activity and keyloggers are a growing problem. If CCP has the technology to track stuff or restore stuff by logs when an account was hacked and ruined: JUST DO IT! and take ISK for this service. Some phishing tactics are very clever and nasty. I am not talking about the cheap "click that p*rn movie link".
I could imagine that CCP needs a solution of eg. logging by pwd and fingerprint. I actually have a fingerprint sensor on my Laptop, which led me to this idea. The problem is: CCP needs to deliver the technology. I have not thought much more about it but it looks like a good way for better protection.
Just saying: "Don't click on suspicious links!" is correct but who knows what these hacker-as*hats do next? |
 FleetAdmiral Gruffel Gruffel Inc.
|
Posted - 2009.09.29 08:19:00 - [ 221]
Originally by: Dr Karsun
And if I may, I got a question -
Originally by: GM Grimmi We also would like to add that buying in-game items, aside from PLEX, for real-world money is strictly prohibited by our EULA and action may be taken against those found doing it.
Does this mean buying PLEX for real money is legal?
I think this means a GM is gonna lose his job! |
 Mr Laden |
Posted - 2009.09.29 11:07:00 - [ 222]
Give us QR barcode security!!! |
 DeODokktor Caldari Dark Templars The Fonz Presidium |
Posted - 2009.10.01 12:11:00 - [ 223]
User xxx is permanently banned Last login: 2009.09.09 21:06 Number of visits: 2066 Reason: Account security compromised. Please contact support@eve-online.com for assistance
Is this down to the same thing?.. I contacted via petition but had no response so far, I know my box is clean (like 9 accounts and only one compromised)... and the last time the char logged in was the day I topped it up with a 60d timecode and set his skill... If there's brute force hacking going on (as has happened in the past) then that's a shame... there should be a time mutator that once an attempt is made the next attempt takes twice as long to check.. brute force 20 guesses and you're now waiting for like 12 days... surely it would be a PITA to put in if the same account is getting hit every day with 10 tries, but still.....
if anyone has found that the above ban error is due to this problem let me know (as I am curious atm)... just FYI, that is not my account name ;p |
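Added example, not part of the thread and not CCP's code: the doubling login delay proposed in the post above, per account. The 1-second base delay (with which the uncapped wait after 20 wrong guesses is 2^20 seconds, about 12 days, matching the post's figure), the one-day cap and all names are assumptions made for this sketch.

```python
BASE_DELAY = 1.0            # seconds; assumed starting point for the doubling
MAX_DELAY = 24 * 3600.0     # assumed cap on how long the account stays throttled


def delay_after(failures, cap=MAX_DELAY):
    """Wait imposed after `failures` consecutive wrong passwords; doubles each time."""
    if failures <= 0:
        return 0.0
    delay = BASE_DELAY * 2 ** failures
    return delay if cap is None else min(delay, cap)


class LoginThrottle:
    def __init__(self, check_password):
        self.check_password = check_password   # callable(account, password) -> bool
        self.failures = {}                      # account -> consecutive failures
        self.locked_until = {}                  # account -> earliest next attempt

    def attempt(self, account, password, now):
        """Return 'ok', 'denied' or 'throttled' for a login attempt at time `now`."""
        if now < self.locked_until.get(account, 0.0):
            return "throttled"                  # the password is not even checked
        if self.check_password(account, password):
            self.failures.pop(account, None)    # success resets the counter
            self.locked_until.pop(account, None)
            return "ok"
        n = self.failures.get(account, 0) + 1
        self.failures[account] = n
        self.locked_until[account] = now + delay_after(n)
        return "denied"


if __name__ == "__main__":
    # Constructed sample: one account, one correct password.
    throttle = LoginThrottle(lambda account, password: password == "correct horse")
    print(throttle.attempt("pilot", "guess1", now=0.0))          # denied, locked 2 s
    print(throttle.attempt("pilot", "correct horse", now=1.0))   # throttled
    print(throttle.attempt("pilot", "correct horse", now=2.0))   # ok
    days = delay_after(20, cap=None) / 86400
    print("uncapped wait after 20 wrong guesses: %.1f days" % days)
```

The cap addresses the concern raised at the end of the post: without one, anyone sending a handful of bad guesses each day could keep the real owner locked out indefinitely.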
 Presidente Gallente Dark-Rising Executive Outcomes |
Posted - 2009.10.01 13:22:00 - [ 224]
Edited by: Presidente Gallente on 01/10/2009 13:25:48 Originally by: DeODokktor User xxx is permanently banned Last login: 2009.09.09 21:06 Number of visits: 2066 Reason: Account security compromised. Please contact support@eve-online.com for assistance
Is this down to the same thing?.. I contacted via petition but had no response so far, I know my box is clean (like 9 accounts and only one compromised)... and the last time the char logged in was the day I topped it up with a 60d timecode and set his skill... If there's brute force hacking going on (as has happened in the past) then that's a shame... there should be a time mutator that once an attempt is made the next attempt takes twice as long to check.. brute force 20 guesses and you're now waiting for like 12 days... surely it would be a PITA to put in if the same account is getting hit every day with 10 tries, but still.....
if anyone has found that the above ban error is due to this problem let me know (as I am curious atm)... just FYI, that is not my account name ;p
Petition and wait. There's also another message that says something like: account banned due to hacking investigation. I would wait for a GM responding and depending on what the hacker did with your stuff I would kindly ask for a Senior GM escalation. That could eventually shorten the process of solving the petition. If you had a skill running it will be stopped and lost time will not be reimbursed. |
 DeODokktor Caldari Dark Templars The Fonz Presidium |
Posted - 2009.10.01 13:26:00 - [ 225]
Originally by: Presidente Gallente
Petition and wait. There's also another message that says something like: account banned due to hacking investigation. I would wait for a GM responding and depending on what the hacker did with your stuff I would kindly ask for a Senior GM escalation. That could shorten the process of the petition.
Nothing has been stolen, I own a few hundred bil worth of t2 bpo's that are unlocked.. Not only that, but the char in question shows last login as the day I logged in.. Also ;p... checked through corp/view personal hangar.. and all of his stuff is still there.. But yea.. Will keep waiting ;( |
 Presidente Gallente Dark-Rising Executive Outcomes |
Posted - 2009.10.01 13:31:00 - [ 226]
Edited by: Presidente Gallente on 01/10/2009 13:38:08 Originally by: DeODokktor
Originally by: Presidente Gallente
Petition and wait. There's also another message that says something like: account banned due to hacking investigation. I would wait for a GM responding and depending on what the hacker did with your stuff I would kindly ask for a Senior GM escalation. That could shorten the process of the petition.
Nothing has been stolen, I own a few hundred bil worth of t2 bpo's that are unlocked.. Not only that, but the char in question shows last login as the day I logged in.. Also ;p... checked through corp/view personal hangar.. and all of his stuff is still there..
But yea.. Will keep waiting ;(
Then you had luck. Lots of luck!!! Usually the ISK sellers log in and reprocess everything or repackage ships and sell them raw on the market to get ISK immediately and move that to another trial account. Therefore contracts are not interesting for them. But they reprocess faction and officer mods without any scruple. The reprocessing seems not to be undo-able in most of the cases. There you end up in a whine cycle and petition catch22. If the hacker was trying to fly your ship and you lost that and your imps by being podded you need to petition that, too. And you need a lot of what the game will teach us: PATIENCE! |
 SghnDubh BattleClinic |
Posted - 2009.10.04 02:20:00 - [ 227]
|
 ingenting Garoun Investment Bank
|
Posted - 2009.10.05 12:17:00 - [ 228]
Remove 5-minute timer for everyone older than 1 month |
 Tenokiro |
Posted - 2009.10.18 11:07:00 - [ 229]
Just give us the option to buy an authenticator, it increased the security in wow, and it would work here as well. |
 Gremmk |
Posted - 2009.10.19 23:43:00 - [ 230]
Ok as someone put, hacking level V required.
As a programmer who follows up on security measures, here are a few things that could be implemented to increase account security.
1) Monitor the Windows API calls for those requesting dumps from your process ID.
1a) If a process is recorded as dumping memory from your application - monitor that process to see if it is writing files to the hard drive. [This information should be sent back to developer for analyzing] - Example of Information
C:\windows\system32\bagina.dll - was recording information in C:\windows\system32\bagina.txt
[If this is widespread then the login should check for a bagina.dll and mention to them prior to login that their computer is infected with the bagina hack.] (Also there was a webinar from trustwave on this kind of attack in sept)
2) Record the Windows installation ID on server (make sure not to violate your privacy policy / terms of service - this may need to be amended). Whenever the user is logging in from a machine that does not have the correct Installation ID (Record the last 5 used IDs [use the last 6 characters of it or so], and check against those) If it's a new installation ID, ask a security question [mother's maiden name? First car? Favorite pet? etc.]
3) Require password changes every 3 months, also require password changes when an account has been logged on the 5th different Windows installation ID.
4) On securing the API: use a java applet to pull the Windows installation ID. If a person is requesting an API key from a computer that has never logged into eve, flag the account to change password at next login, and deny the API key.
|
 ZigZag Joe Di-Tron Heavy Industries Atlas. |
Posted - 2009.10.20 08:31:00 - [ 231]
ban china |
 Cory Sopapilla Minmatar Kiroshi Group |
Posted - 2009.10.20 18:42:00 - [ 232]
Originally by: ingenting Remove 5-minute timer for everyone older than 1 month
This is what I'd like to see as well. Or at least only limit trial accts or people with less than X # posts who haven't received the ban hammer. Odds are if someone has like 20 posts and no moderation done to them, they're legit. It'd make the offenders work harder rather than the legit posters. |
 John Ellsworth Gallente |
Posted - 2009.10.21 00:55:00 - [ 233]
Originally by: GM Grimmi We currently have problems with accounts being hacked and cleaned out of ISK and assets. The perpetrators are ISK sellers and we are mercilessly reversing all transactions from them. ISK buyers beware that we will track down and remove ISK received from the ISK sellers even if it means putting wallets into the negative. We also would like to add that buying in-game items, aside from PLEX, for real-world money is strictly prohibited by our EULA and action may be taken against those found doing it.
A lot of the security issues stem from links being posted on the forums and players should be extremely wary of opening links as they are very likely to install keyloggers/Trojans and subsequently result in accounts being ruined.
Lastly, the internet is a dangerous place so keep your anti-virus software current and click with care.
please review my recent petition |
 Arnov Karsoth Squirrel Power |
Posted - 2009.10.26 10:50:00 - [ 234]
digipass/authenticator is an extremely cheap way of ensuring account safety and lessening ccp's workload. Why doesn't ccp start making some and sell them for peanuts to their customers like blizzard did?
|
 SephiXan Amarr Cold Steel Inc.
|
Posted - 2009.10.28 15:11:00 - [ 235]
Originally by: Cory Sopapilla
Originally by: ingenting Remove 5-minute timer for everyone older than 1 month
This is what I'd like to see as well. Or at least only limit trial accts or people with less than X # posts who haven't received the ban hammer. Odds are if someone has like 20 posts and no moderation done to them, they're legit. It'd make the offenders work harder rather than the legit posters.
Should probably make a more secure system than by setting a post cap as anyone can veteran then abuse the system. Though there are many players here who have a lot of threads they go through and being limited by a limit makes communication limited. Though overall possibly decrease the timer's length. |