Send News. Want a reply? Read this. More in the FAQ.   News Forum - All Forums - Mobile - PDA - RSS Headlines  RSS Headlines   Twitter  Twitter
User Settings
LAN Parties
Upcoming one-time events:

Regularly scheduled events

Report this Comment
Use this form to report the selected comment to the moderators. Reporting should generally be used only if the comment breaks forum rules.

9. Re: Security Breach Aug 9, 2012, 19:44 Mashiki Amiketo
Dades wrote on Aug 9, 2012, 19:28:
Good job to the chumps who kept blaming users and insisted authenticators were bullet proof before. No way Blizzard could be the ones compromised, its just users downloading porn and torrents who don't know how to secure their computar!
Authenticators were never bulletproof, but two factor authentication is much better than single factor. You know that right? As it stands, using SRP is nearly impossible to break. Unless they also have access to the salted-hash tables for each users password. If you don't understand how SRP works you can read about it here:

Besides, I already saw someone mention RSA. Too bad someone had to steal both the source code and the key creation layer in order to break their tokens. Blizz uses vasco, and the key creation is open source on that.

The only thing that was taken that could have compromised mobile authenticators, would be a hashing table. But that still doesn't affect physical ones.

Besides, I'd hazard a guess that blizz is smarter on this front than Sony. And this is the last two weeks to 30 days. If it wasn't, they'll be upstream paddling over it otherwise. And they'll also have to answer to their investors over it.

Julio wrote on Aug 9, 2012, 19:36:
I'm sure it helped the bottom line at Blizzard selling a bunch of authenticators for the past few months.
Yeah too bad blizz doesn't make money off selling authenticators, unlike other companies. Guess that sucks for them.

This comment was edited on Aug 9, 2012, 19:49.
"For every human problem,
there is a neat, simple solution;
and it is always wrong."
--H.L. Mencken
Login Email   Password Remember Me
If you don't already have a Blue's News user account, you can sign up here.
Forgotten your password? Click here.


Blue's News logo