Send News. Want a reply? Read this. More in the FAQ.   News Forum - All Forums - Mobile - PDA - RSS Headlines  RSS Headlines   Twitter  Twitter
Customize
User Settings
Styles:
LAN Parties
Upcoming one-time events:
Greenbelt, MD 08/22

Regularly scheduled events

Battle.net Security Breach

Battle.net announces an "important security update," revealing Blizzard has discovered "unauthorized and illegal access into our internal network." As a result, they recommend that North American users change their passwords, though they say they believe that the information retrieved "alone is NOT enough for anyone to gain access to Battle.net accounts." They also have written up an Important Security Update FAQ with all the details on this, including the surprising news that "information was taken that could potentially compromise the integrity of North American Mobile Authenticators," which will lead to a software updates.

View
9. Re: Battle.net Security Breach Aug 9, 2012, 19:44 Mashiki Amiketo
 
Dades wrote on Aug 9, 2012, 19:28:
Good job to the chumps who kept blaming users and insisted authenticators were bullet proof before. No way Blizzard could be the ones compromised, its just users downloading porn and torrents who don't know how to secure their computar!
Authenticators were never bulletproof, but two factor authentication is much better than single factor. You know that right? As it stands, using SRP is nearly impossible to break. Unless they also have access to the salted-hash tables for each users password. If you don't understand how SRP works you can read about it here: https://en.wikipedia.org/wiki/Secure_Remote_Password_protocol

Besides, I already saw someone mention RSA. Too bad someone had to steal both the source code and the key creation layer in order to break their tokens. Blizz uses vasco, and the key creation is open source on that.

The only thing that was taken that could have compromised mobile authenticators, would be a hashing table. But that still doesn't affect physical ones.

Besides, I'd hazard a guess that blizz is smarter on this front than Sony. And this is the last two weeks to 30 days. If it wasn't, they'll be upstream paddling over it otherwise. And they'll also have to answer to their investors over it.

Julio wrote on Aug 9, 2012, 19:36:
I'm sure it helped the bottom line at Blizzard selling a bunch of authenticators for the past few months.
Yeah too bad blizz doesn't make money off selling authenticators, unlike other companies. Guess that sucks for them.

This comment was edited on Aug 9, 2012, 19:49.
 
--
"For every human problem,
there is a neat, simple solution;
and it is always wrong."
--H.L. Mencken
Previous Post Next Post Reply Quote Edit Delete Report
 
    Date Subject Author
  1. Aug 9, 19:18 Re: Battle.net Security Breach Stimpack
  2. Aug 9, 19:19  Re: Battle.net Security Breach Cutter
  3. Aug 9, 19:21 Re: Battle.net Security Breach Sepharo
  7. Aug 9, 19:36  Re: Out of the Blue Rigs
  16. Aug 9, 19:57   Re: Out of the Blue ViRGE
  39. Aug 10, 04:05   Re: Out of the Blue El Pit
  41. Aug 10, 04:37    Re: Out of the Blue Kajetan
  42. Aug 10, 04:41     Re: Out of the Blue El Pit
  43. Aug 10, 04:48      Re: Out of the Blue Kajetan
  44. Aug 10, 04:55       Re: Out of the Blue Luke
  51. Aug 10, 10:53    Re: Out of the Blue AngelicPenguin
  52. Aug 10, 11:20     Re: Out of the Blue nin
  53. Aug 10, 11:31      Re: Out of the Blue El Pit
  54. Aug 10, 13:05      Re: Out of the Blue NegaDeath
  55. Aug 10, 13:15       Re: Out of the Blue El Pit
  58. Aug 11, 12:44      Re: Out of the Blue Prez
  11. Aug 9, 19:49  Re: Battle.net Security Breach Bet
  4. Aug 9, 19:28 Re: Battle.net Security Breach Dades
>> 9. Aug 9, 19:44  Re: Battle.net Security Breach Mashiki Amiketo
  13. Aug 9, 19:51   Re: Battle.net Security Breach Prez
  14. Aug 9, 19:53    Re: Battle.net Security Breach Fion
  18. Aug 9, 20:00    Re: Battle.net Security Breach Wraith
  5. Aug 9, 19:31 Re: Battle.net Security Breach xXBatmanXx
  8. Aug 9, 19:36  Re: Battle.net Security Breach Julio
  10. Aug 9, 19:48   Re: Battle.net Security Breach Dades
  19. Aug 9, 20:03    Re: Battle.net Security Breach Mashiki Amiketo
  33. Aug 9, 22:58     Re: Battle.net Security Breach The Pyro
  12. Aug 9, 19:50   Re: Battle.net Security Breach Wraith
  23. Aug 9, 20:16   Re: Battle.net Security Breach descender
  6. Aug 9, 19:35 Re: Battle.net Security Breach Talisorn
  15. Aug 9, 19:54 Re: Battle.net Security Breach Techie714
  17. Aug 9, 19:59 Re: Battle.net Security Breach Dades
  20. Aug 9, 20:04 Re: Battle.net Security Breach RollinThundr
  22. Aug 9, 20:09  Re: Battle.net Security Breach Fantaz
  21. Aug 9, 20:09 Re: Battle.net Security Breach Dades
  24. Aug 9, 20:16  Re: Battle.net Security Breach Mashiki Amiketo
  25. Aug 9, 20:17 Re: Battle.net Security Breach Verno
  27. Aug 9, 21:09  Re: Battle.net Security Breach s1mon75
  29. Aug 9, 21:18   Re: Battle.net Security Breach RailWizard
  32. Aug 9, 21:32   Re: Battle.net Security Breach Dades
  36. Aug 10, 03:46   Re: Battle.net Security Breach Luke
  26. Aug 9, 20:27 Re: Battle.net Security Breach Parallax Abstraction
  28. Aug 9, 21:15 Re: Battle.net Security Breach HorrorScope
  31. Aug 9, 21:25  Re: Battle.net Security Breach eunichron
  35. Aug 10, 02:47   Re: Battle.net Security Breach s1mon75
  38. Aug 10, 03:58    Re: Battle.net Security Breach Luke
  30. Aug 9, 21:23 removed RailWizard
  34. Aug 10, 01:53 Re: Battle.net Security Breach Creston
  37. Aug 10, 03:56  Re: Battle.net Security Breach Luke
  40. Aug 10, 04:26 Re: Battle.net Security Breach Mordecai Walfish
  45. Aug 10, 06:20 Re: Battle.net Security Breach Dev
  46. Aug 10, 06:31  Re: Battle.net Security Breach NKD
  47. Aug 10, 06:56   Re: Battle.net Security Breach InBlack
  50. Aug 10, 08:58   Re: Battle.net Security Breach Verno
  48. Aug 10, 07:25 Re: Battle.net Security Breach Dades
  49. Aug 10, 08:19  Re: Battle.net Security Breach briktal
  56. Aug 10, 14:11 Re: Battle.net Security Breach Steele Johnson
  57. Aug 10, 14:53 Re: Battle.net Security Breach Verno


footer

Blue's News logo