Battle.net compromised

[Plow]

But YOU said it was the players fault. Do I need to go back and quote? Blizzard fucked up. Story end. I'm still playing btw.

Who said this was the player's fault?

We said all the people that got themselves hacked around diablo were at fault then.

The closest thing to any argument against that was that blizzard totally wouldn't actually admit it if they got hacked...

[Dimmauk]

Until now LOL

[Boyiee]

lol happy i kept an eye on this thread, gave me a laugh at work.

I would suggest doing exactly what blizzard suggested in their faq/post/article on this: change your password immediately. The XKCD link is great advice just be careful that your words arent too retarded random lol. I'm sure the SQ/A shit is locked out for now for access, and in the meantime wait until blizzard publicly announces their "change your SQ/A" campaign. I'm sure it wont be some simple email, and instead it'll be a lot more "HEY IN THE NEXT 24 HOURS EXPECT THIS EXACT EMAIL" website announcement.

[Correction]

I'm sure it wont be some simple email, and instead it'll be a lot more "HEY IN THE NEXT 24 HOURS EXPECT THIS EXACT EMAIL" website announcement.

Odds are they'll put up some kind of gate at login that won't let you sign on until you've changed your secret question/answer.

[Julian]

copypasta cause im lazy to retype

<Julian`wat> so uh
<Julian`wat> i think my phone just got hacked
<Julian`wat> either that or
<Julian`wat> it just went crazy by itself
<Julian`wat> was on the phone with cox to move my internet
<Julian`wat> then the call drops
<Julian`wat> i look at my phone
<Julian`wat> and its trying to get into my bnet authenticator lol
<Julian`wat> i keep closing out
<Julian`wat> had to pull my battery
<Julian`wat> in before all my diablo3 stuff was stolen
<Julian`wat> lolz
<Julian`wat> not like i had anything

[Plow]

Until now LOL

That's exactly my point.

The entire basis of the claim that it wasn't the player's fault if they got hacked was that if blizzard itself had gotten hacked, they would totally try to cover it up and we'd never hear anything about it.

Then it actually happens, they immediately announce it publicly, and people act like that's evidence that it happened before and they would have hidden it if so.

[arus2001]

Been noticing a lot of new junk email, myself. Started a few days ago, which I suspect would coincide with Blizz's compromise. More aptly, I'm lucky to maybe get 1 such mail a month due to how little I associate my main email with things. In the past few days? 17. Still, it's funny that pretty much every time Blizz has fucked up post-D3, Eanae's always been there with a "But!" in their defense.

The entire basis of the claim that it wasn't the player's fault if they got hacked was that if blizzard itself had gotten hacked, they would totally try to cover it up and we'd never hear anything about it.

Then it actually happens, they immediately announce it publicly, and people act like that's evidence that it happened before and they would have hidden it if so.

They spotted this one. Anything prior? Who knows. Did we get the full story? Dunno, you work for Blizz?

[Dimmauk]

That's exactly my point.

The entire basis of the claim that it wasn't the player's fault if they got hacked was that if blizzard itself had gotten hacked, they would totally try to cover it up and we'd never hear anything about it.

Then it actually happens, they immediately announce it publicly, and people act like that's evidence that it happened before and they would have hidden it if so.

Um, no. They didn't announce it immediately.

[Dimmauk]

copypasta cause im lazy to retype

<Julian`wat> so uh
<Julian`wat> i think my phone just got hacked
<Julian`wat> either that or
<Julian`wat> it just went crazy by itself
<Julian`wat> was on the phone with cox to move my internet
<Julian`wat> then the call drops
<Julian`wat> i look at my phone
<Julian`wat> and its trying to get into my bnet authenticator lol
<Julian`wat> i keep closing out
<Julian`wat> had to pull my battery
<Julian`wat> in before all my diablo3 stuff was stolen
<Julian`wat> lolz
<Julian`wat> not like i had anything

WTF?!

[Eanae]

Assuming Julian isn't trolling, that seems like something major is wrong with more than just blizzard for that to even occur. >.>

Edit: searched around every major site and found not even a hint of anything similar.

[Insanecyclone]

[Correction]

[Julian]

Assuming Julian isn't trolling, that seems like something major is wrong with more than just blizzard for that to even occur. >.>

Edit: searched around every major site and found not even a hint of anything similar.

Not trolling. If I wasn't using my cellphone at the time, I wouldn't even have noticed that it happened.

I, personally, think that it was just my phone glitching up, but for it to choose to open the battlenet authenticator... Coincidence? I'm leaning towards yes, but I honestly can't be sure. I mean, it definitely felt like I was fighting with someone for control of my phone, I kept hitting home, and they kept trying to open the authenticator, and I spammed home as I tried to dismantle my case so I could battery pull. I've never seen my phone glitch like this before, but then again, I don't really use my phone THAT often either.

I hooked up my internet real quick within 10min of that happening and changed my password anyway.

Sadly, cox is a fucking terribad ISP, and they fucked something up, so I have no internet until the tech comes here on Monday. Until then, I have super shitty 3g tethering, so woooo... Wont be able to check if i got lolhaxed until Monday. I'm honestly more amused than anything, my account is pretty fucking worthless.

[Aumaan_Kujata]

Don't overestimate the ability of hashed+salted passwords to resist being recovered in an offline attack. This isn't the same thing as the whole "they'd have to factor these bigass composite numbers before the heat death of the universe" type stuff you associate with normal keyed crypto. Passwords are short and precomputation is a big lever, even with salt. "Bad Guys" having possession of the hashed password list == change your password - period.

[Eanae]

It's not break one break them all though. They're individually done. So it's break one, break no others. Still a smart idea to change your password sure, but it'd be an "end of the universe" thing to crack them all.