Deary, deary me; Sony are having a mare of a time right now when it comes to security issues. No sooner do they get the PlayStation Network back to a fighting-fit state after last month's damaging hack attack than they…
What would you do if you woke up half-way across the world with no clothes on, and just a mining pick in your possession? That was the virtual reality that faced Luke Maskell when he logged into his World of Warcraft character, Häwk, one morning. His character had been hacked into and everything of value had been removed and sold.
“They must have stolen around ten to fifteen thousand gold worth of goods and cash,” says Luke, “they probably would have earned around £50-£80″. That might not sound like much, but for his character it represents months and months of play in the massively-multiplayer online world where one of the most controversial topics is that of gold farmers and selling equipment for real cash.
But is it a crime? Well, a spokesperson for the Metropolitan Police told us that it was a very tricky one – it would need a test case to be determined, and it would depend on many factors. Complicating the matter is the fact that the virtual thief might not be resident in the UK, and Blizzard’s servers might be sitting in yet another country again. I put this to the Police spokesperson who sucked his teeth and told me that a court-case spanning three countries would be “absolute madness”.
“I certainly see it as a crime,” states Luke, defiantly, “the online assets are in the end, property of Blizzard, and someone is selling this property for real-world money without permission, they should be treated as any other criminal.”
It’s not completely clear how the attacker managed to gain access to Luke’s characters: “Virus scanners and anti malware software found a few stray cookies from websites I was unsure about, but nothing major like a trojan or virus. I don’t think I’ll ever find out how my details were stolen.”
Blizzard, for their part, offer plenty of advice on how to keep accounts secure. On their compromised accounts page they recommend you change passwords regularly and warn against installing dodgy-looking game modifications or using power-levelling services.
They also sell a device called an ‘authenticator’, which hooks up with your account and generates a second password that operates alongside your main one. This password changes every five minutes, so it’s impossible to log in if the authenticator isn’t in your possession.
Luckily, this story has a happy ending for Luke: “Blizzard were great with the issue. I went through both the in-game ticketing system and their online support site to get my items and account back under my control, and they responded quickly and professionally.”
“They advised me on steps to take to prevent any further hacks, fully restored all my items and gold, and even gave everything that was taken from the guild bank back, all within 3 days of the hack occuring. I was very impressed.”
His guild – a group of players that he plays with on a regular basis – were also very supportive, too: “From my guild, I got a general response of sympathy and people wishing me luck in getting all my items and money back from the game moderators. I had a lot of people in the guild offering me some cash to get me back on my feet and replace my items”
If you’re a player of World of Warcraft, or any other online game, put yourself in Luke’s shoes for a minute. Think about how long it took you to acquire the items that you’re using in-game, and how long it would take to replace them. Then go change your account password and buy an authenticator – in the long run, you’ll be very pleased you did.
If you’re going to announce that your new browser is the safest on the market, you’d best be damned sure you’re right. It seems Microsoft releasing Internet Explorer 8 out of open beta yesterday was a red flag to a bull (or a challenge to a hacker), because within 24 hours a new exploit has been found in the browser.
The feat occurred at the annual CanSecWest security conference, which hosted its PWN2OWN hacking contest, where the exploit was found. A German hacker going by the name of Nils found it and claims a prize of $5000 in cash and a Sony Vaio laptop as a prize.
It’s only fair to mention that the same hacker managed to claim an additional $10,000 for successfully hacking Safari and Firefox. There’s still two days left for more browsers to succumb to the hacker’s codey wiles – perhaps Chrome and Opera will let their guard slip as well.
It’s very easy to become alarmed by some of the scaremongering stories which appear in certain sections of the UK press when it comes to technology and privacy, but this one – if abused – could be pretty serious indeed.
According to The Times, The Home Office has developed plans to give the UK police force the power to remotely hack into the personal computer of anyone it suspects might be involved with something dodgy — you know, terrorism, paedophilia, drug trafficking, that kind of thing — without a warrant, with the additional joyous notion that police forces from across the European Union can request information on any British Citizen.
Yes, it does all sound a bit Daily Mail, but unsurprisingly it’s raised the hackles of the human rights group Liberty, which has said that it will mount a legal challenge.
There are several ways to crack a wireless network’s security. The weakest, WEP, can be easily cracked using customized Linux software, but until today, Wi-Fi Protected Access (or WPA) had been considered secure. Not any more. Researchers have announced that they’ve developed a way to partially crack the encryption standard, but I warn you, it’s not easy.
The researchers, Erik Tews and Martin Beck, have found a way to break the Temporary Key Integrity Protocol (or TKIP) in as little as 15-12 minutes. They have not yet, however, managed to crack the encryption keys used to secure the data that travels from the PC to the router.