Credit Where It’s Due

 Posted by on March 21, 2011  Guild Wars, MMO Gaming, Rift
Mar 212011
 

16 days.

That’s how long its taken for Trion to impress me.  Like any major MMO release, where there is popularity, there are those who would seek to profit from RMT.  Alongside this comes account hacking – after all, why bot for coin when you can just steal the work of others?

Last week Trion released a security patch with a feature they call CoinLock.  If the system detects that your account is being accessed from an ip address significantly different to your own, it will activate the coin locked mode.  Whilst coin locked, nothing can be deleted or destroyed on your account – you can’t trade, sell or destroy anything on the account.  CoinLock can only be removed through a numerical code that’s emailed to you.  Such a simple idea, but so good.  Or so we thought.

Except it wasn’t stopping people getting hacked.  A previously hacked player, ManWitDaPlan, who works as a white hat for a security firm set about determining how his account got accessed.  In the process he discovered the exploit, by which accounts could be accessed without any fault of the users themselves.  Within an hour of submitting technical details of the exploit, Trion were on the phone to him discussing their security hole.  Within 3 hours, a patch was applied to the entire game that fixed the exploit.  It forced everyone who played to get coin locked to verify themselves in the process.  On a Friday night.  It was a brave move for any MMO (let alone one less than 3 weeks out of release) but just goes to show how seriously Trion take account security.

Compare that to NCSoft’s response to the rash of account compromises in December/January 2009.  After several weeks of denying there was a problem relating to the security of the NCSoft Master Account over the holidays, eventually ArenaNet decided to protect its players by forcing users to provide a character name when logging into the game.  The result?  The rate of compromised accounts dropped to nearly 0.  NCSoft added a small fix to their system some time later, but this was silently removed within 6 months.  A few weeks ago, they finally beefed up their security through the use of IESnare – 14 months after possible insecurities were highlighted, underscored and pointed to with huge neon arrows.

And still, there is nothing to protect Guild Wars players once their account is compromised.

 Tagged with:

  3 Responses to “Credit Where It’s Due”

  1. I suffered through the NCSoft hacking issues and lost 5 years worth of work in Guild Wars, all thanks to a hole that allows others access to your NCSoft data.

    NCSofts fix? NOTHING…They gave me NOTHING in return for losing almost everything I had.

    If GW2 suffers the same “No Restore” policy, I will probably pass this time and stick to Rift…a great game with a company who cares about their customers.

  2. Thankfully, I’ve been able to dodge the hackers for 5 years and across numerous MMOs *touch wood*.

    Thanks for the info re: Rift on Twitter last night. I’m still sitting on the fence, I can’t quite see what Rift holds over other MMOs. I think, slowly but surely, I’m going to end up playing. But it might take time!

    Plus, I’ve still got to get survivor/drunkard/party animal on my GW main before I can even think about picking up another game.


  3. distilled:

    Thanks for the info re: Rift on Twitter last night. I’m still sitting on the fence, I can’t quite see what Rift holds over other MMOs. I think, slowly but surely, I’m going to end up playing. But it might take time!

    In honesty, Twitter is terribad at describing these things fully. Think the Guild Wars profession system (you get 3 which you can change at will) and Guild Wars 2’s dynamic events & grouping (has a few issues but that’s another blog post), with Aion’s looks and WoW-post-Cataclysm feel & crafting. Its not better than other MMOs, its just a less broken system than the others.
    It won’t be for everyone and I’m not taking it as my next love affair. I’m playing it as something to do with my husband, as we’ve done with a variety of MMOs as long as we’ve known each other .

Sorry, the comment form is closed at this time.