79447-mass-bothack-bans-round-1-page-3

Page 1, Page 2, Page 3, Page 4, Page 5, Page 6, Page 7, Page 8

Content
{| style="width: 100%;"

Not one of the bots that I've been reporting daily since at least two weeks before you announced the first ban wave has been banned on Orias.


 * }
 * }

{| style="width: 100%;"

You hiring any GM's? I could trim their numbers exponentially within a few hours :)


 * }
 * }

{| style="width: 100%;"

Right on sugercube


 * }
 * }

{| style="width: 100%;"

Ya.. and you guys banned my account because I over-drafted on accident when i bought CREDD and it got refunded to me without my knowing. So glad i put all that effort in to this game to make a mistake and have it all thrown away for it. I didn't get an email, warning, a chance to give a different account to take the money from.. just a huge ass Ban Hammer. Not only that.. but getting your support team to help me out is harder than getting a character from 1-50 in less than an hour. aka it's impossible. Might not want to swing that hammer without looking because innocent people like myself who accidentally make a mistake get caught in your crossfire. Now I have to purchase the game all over again and spend another countless hours getting to where I was. Awesome.


 * }
 * }

{| style="width: 100%;"

Also take into account weak passwords, keyloggers, and the massive amounts of security breaches lately at major online e-tailers that leaked a metric crapton of login information. It's not unreasonable to think that some people are still using the same old login information. Also, there's plenty of time to right click and add them, hell just leave the node for them, they can't insta-farm it, it still takes time to break down and steal.

See above. Or just remember their name long enough to add to your rivals list, works quite well

I am pretty sure Wildstar has this feature already.

You can hardly blame them for something that ultimately was your mistake.


 * }
 * }

{| style="width: 100%;"

I don't agree with this. Two factor auth is no reflection on Carbine as a company. It is in place because computers can be compromised, even the most security conscious people can have their systems hijacked. I bought an external hard drive once that had been compromised *at the factory*! When you plugged it in, it installed malware that (among other things) attempted to harvest your WoW account information. Fortunately I don't allow autoplay on my system. The fact of the matter is that most people don't understand how to secure their PC. So, rather than going through security training that would confuse and bewilder them, they have the option to use two factor auth. I'm not defending Carbine in allowing this exploit to run wild (just read my other posts). But the ONLY thing they have done right is allowing two factor auth from the start. The fact that people are not taking advantage of it is too bad.


 * }
 * }

{| style="width: 100%;"

I've seen bot farmers in several games, but I must say this is by far the most I've ever seen, anywhere. I've reported (just counting the responses to tickets in my mailbox) 14 bots myself in the last 10 days and unfortunately, I still have every single one I've reported on my rival list and still see the very first bot I reported, in the world, still mining away. The problem recently is many of them have evolved and are now either way up in the air, or, inside solid objects so we can't really see them as players. I took the taxi in Grimvault out to final stand, and on the way, saw a level 10, hovering at least 40 meters up in the air, he was actually a bit higher than the taxi flight path! From there, he was mining nodes below us. You could see the mining laser flying out. Unless someone was in the taxi, at the exact place he was, it's extremely likely no one would have ever seen him and the only effect would be an area devoid of nodes. We appreciate all that you guys do and I bet it's hard seeing something you built being dragged through the mud and sewage by not only the farmers but sometimes by us (the player-base) in our rage against them. It's a tough line to walk, the rush to ban the farmers and avoiding actual players (compromised or not) and then facing the backlash from that. I enjoy Wildstar, I like the activities, it's a refreshing game. I don't like the bots, i detest the little *cupcakes*, but I have faith in you Carbine folks to burn them to the ground.


 * }
 * }

{| style="width: 100%;"

Not only do I love two-step auths, but the fact that I am inconvenienced slightly by actually clicking a grid of numbers displayed in an arbitrary order rather than typing them really impresses me. I've switched banks to get that feature.

That was actually an issue in WoW, which you might already know since you brought it up. Accounts were getting hacked and authenticators were added to increase the amount of time the hacker had to use it. You can work with customer support to have a rogue authenticator removed, but it's necessarily (and understandably) inconvenient. The very moment I saw that Carbine were offering 2F with the Google Authenticator I enabled it, as I already use it for a few other accounts. It's entirely possible they have been sending emails and notifications, but it needs to be an in-your-face campaign. You should have to click an extra box at every single login just to dismiss a "would you like to set up an authenticator" reminder.


 * }
 * }

{| style="width: 100%;"

So your argument is that even though 2-step is nearly 100% protection vs hacking, you shouldn't get it cause your chances of being hacked without it are still low? That's ridiculous and moronic. Instead you're saying that we shouldn't try to get people to use 2-step if it involves fear mongering? Poppycock, I say. Use any and all available, legal tactics to get people to better themselves and their communities. No, none of that's correct, says you. What you're really trying to say is there isn't a high chance of you getting hacked either way? Bullshit, I say...count the bots...most of them are hacked accounts. There are thousands and thousands and thousands of hacked accounts. If even half of the accounts hit with the ban wave talked about in this post were hacked (and I think it was WAY more than half), this wave of bans was a drop in the bucket of total botters. And if there are more hacked accounts being botted than other accounts (which it seems pretty obvious there are), than it seems like the majority of botted accounts are hacked accounts and that there are oodles and oodles of hacked accounts. Add all the up and I'd say that the difference in the chances of you being hacked WITH a 2-step vs without are orders of magnitude in difference. And I'd be right.


 * }
 * }

{| style="width: 100%;"

Actually, its not fear mongering its getting to be very close to a guarantee. "fear mongering"?? wow....just...wow I guess "fear mongering" is the reason all serious data-exchange channels in the business world have absolutely mandated 2-factor authentication with things like x.509 programmatic certificates to augment standard SSL certs to secure the channel AND the communication. The reason why the NIST standards and all serious security groups MANDATE 2-factor authentication for compliance where any data that is even remotely P.I (personally identifiable) is involved. Why anyone even remotely, in any way, at all serious about securing anything they care about use it but hey, don't take the rest of the worlds' word for it and console yourself that you didnt give in to the "fear mongering" when it happens to you here or elsewhere.


 * }
 * }